Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Ordner "bProtection for Windows" macht was er will (https://www.trojaner-board.de/125494-ordner-bprotection-for-windows-macht-will.html)

Schnegge82 10.10.2012 23:57
Ordner "bProtection for Windows" macht was er will
 
Hallo,

ich habe da ein Problem mit meinem Rechner. Irgendwie kam mir die Kiste zeimlich langsam vor und da habe ich angefangen, ertsmal alles unnötige von meinem Desktop und der Festplatte zu entfernen. Dabei ist mir der Ordner "bProtectorForWindows" aufgefallen. Darin enthalten ist ein Ordner namens "2.1.415.37". Darin wiederum befinder sich der Ordner "traking_settings". In dem Order ist dann eine leere Datei namens "01".

Denn Ordner "bProtectorForWindows" mit besagtem Inhalt gibt es mehrfach quer über die Festplatte zerstreut. Der Ordner kann zwar an einigen Stellen gelöscht werden, erstellt sich aber öfter von selbst wenn mann irgendwohin Datein speichert oder neu erstellt.
Habe zu dem Thema "bProtectorForWindows" bei hier bereits einen ähnlichen Beitrag gefunden. Darin wurde empfohlen, einen Vollscan mit Malwarebytes Anti-Malware durchzuführen. Hab ich gemacht.

Hier das Logfile:
http://www.trojaner-board.de/attachm...1&d=1349909444

Dann sollte mit OTL gescannt und dann mit einem spezifischen Code gefixt werden. Dann ich nicht in der Lage bin einen Code zum fixen zu erstellen, habe ich mir gedacht ich post mal meine Ergebnisse und hoffe auf Eure hilfe.

Nach dem Anmelden wurde dann empfohlen, erstmal mit diesem "Defogger", OTL und Gmer zu scannen und die Logs zu posten.

Hier also nun die drei Logs:

http://www.trojaner-board.de/attachm...1&d=1349909722

Weiß echt nicht weiter wie ich das wieder in den Griff bekommen soll?

Kann mir da vielleicht jemand weiterhelfen?

cosinus 11.10.2012 18:12
Code:
BÜRO-PC [Administrator]
BÜRO-PC? Ist das ein Firmenrechner?

Schnegge82 11.10.2012 22:41
Nee, ist ein privater PC. Ist halt der Rechner, der im Büro steht. In ferner Zukunft ist ein Netzwerk im Haus geplant. Daher die Benennung gemäß des Aufstellorts. :)

cosinus 12.10.2012 12:11

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

Schnegge82 14.10.2012 22:42
Hier das Ergebnis des Scans mit Eset:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fd550fa011dcf148ab71ba8f322b1969
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-13 09:48:52
# local_time=2012-10-13 11:48:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 3898835 4441730 0 0
# compatibility_mode=5892 16776574 100 95 149273671 187689308 0 0
# compatibility_mode=8192 67108863 100 0 74104 74104 0 0
# scanned=254647
# found=19
# cleaned=0
# scan_time=8352
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarApp.dll        a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarEng.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarsrv.exe        probably a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll        a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe        probably a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\78NCRCX2\main[1]        Win32/LockScreen.AHO trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\78NCRCX2\main[2]        Win32/LockScreen.AHO trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JTYCXYBI\main[1]        Win32/LockScreen.AHO trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\1AA6DD38-BAB0-7891-97E4-A762E7733E75\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\1AA6DD38-BAB0-7891-97E4-A762E7733E75\Setup.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\is1373634743\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\is1972027439\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\Downloads\installer_command_and_conquer_3_tiberium_wars.exe        multiple threats (unable to clean)        00000000000000000000000000000000        I
Dieser "Babylon Toolbar" war irgendwann plötzlich im browser. Nichts was wirklich gewollt ist.

cosinus 15.10.2012 13:29
Code:
C:\Users\***\Downloads\installer_command_and_conquer_3_tiberium_wars.exe
Aus welcher Quelle stammt diese Datei?

Schnegge82 15.10.2012 16:23
Hab die Datei letztes Jahr aus dem Internet runtergeladen. Kann leider nicht mehr nachvollziehen woher genau. In den Datei-Eigenschaften ist unter 'Digitale Signaturen' "Inffinity Internet" angegeben. Die Datei scheint meines Erachtens nach überflüssig. :-)

cosinus 15.10.2012 17:51
Bitte diese Datei bei Virustotal auswerten lassen und den Ergebnislink posten. Falls Du die Datei nicht siehst, musst Du sie evtl. vorher sichtbar machen.
Wenn die Datei schon ausgewertet sein sollte, bitte eine weitere Auswertung starten.

Schnegge82 15.10.2012 18:39
Hier der Link:
https://www.virustotal.com/file/5be993c247dfb3163afed25da66820215a6c70e3e1d083c35be910d30e47db48/analysis/1350322449/

cosinus 15.10.2012 20:35
adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Schnegge82 15.10.2012 21:20
So, hier das Ergebnis von adwcleaner:

Code:
# AdwCleaner v2.005 - Datei am 15/10/2012 um 22:11:57 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - BÜRO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : bProtector

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\user.js
Ordner Gefunden : C:\Program Files\BabylonToolbar
Ordner Gefunden : C:\ProgramData\Anti-phishing Domain Advisor
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\blekko toolbars
Ordner Gefunden : C:\ProgramData\bProtectorForWindows
Ordner Gefunden : C:\ProgramData\IBUpdaterService
Ordner Gefunden : C:\ProgramData\Trymedia
Ordner Gefunden : C:\Users\***\AppData\Local\Babylon
Ordner Gefunden : C:\Users\***\AppData\Local\Temp\BabylonToolbar
Ordner Gefunden : C:\Users\***\AppData\Local\Temp\bProtectorForWindows
Ordner Gefunden : C:\Users\***\AppData\LocalLow\BabylonToolbar
Ordner Gefunden : C:\Users\***\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\extensions\ffxtlbr@babylon.com
Ordner Gefunden : C:\Users\***\Desktop\bProtectorForWindows
Ordner Gefunden : C:\Users\***\Documents\bProtectorForWindows
Ordner Gefunden : C:\Windows\system32\bProtectorForWindows

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\bProtector
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Anti-phishing Domain Advisor
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\b
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gefunden : HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6001.18000

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=42dd5efb000000000000001bdc0fcd1e

-\\ Mozilla Firefox v11.0 (de)

Profilname : default
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\prefs.js

Gefunden : user_pref("avg.install.userHPSettings", "^hxxp://blekko\\.com/ws/\\?source=017d87aa.*");
Gefunden : user_pref("avg.install.userSPSettings", "Blekko");
Gefunden : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Gefunden : user_pref("browser.search.defaultenginename", "Blekko");
Gefunden : user_pref("browser.search.order.1", "Blekko");
Gefunden : user_pref("browser.search.selectedEngine", "Blekko");
Gefunden : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gefunden : user_pref("extensions.BabylonToolbar.babTrack", "affID=110819");
Gefunden : user_pref("extensions.BabylonToolbar.bbDpng", 15);
Gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gefunden : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Gefunden : user_pref("extensions.BabylonToolbar.hmpg", true);
Gefunden : user_pref("extensions.BabylonToolbar.id", "42dd5efb000000000000001bdc0fcd1e");
Gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15460");
Gefunden : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gefunden : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=110819&babsrc=KW[...]
Gefunden : user_pref("extensions.BabylonToolbar.lastDP", 15);
Gefunden : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.170:44:50");
Gefunden : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "11.0");
Gefunden : user_pref("extensions.BabylonToolbar.newTab", false);
Gefunden : user_pref("extensions.BabylonToolbar.newTabUrl", "^hxxp://blekko\\.com/ws/\\?source=017d87aa.*");
Gefunden : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gefunden : user_pref("extensions.BabylonToolbar.propectorlck", 88882346);
Gefunden : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gefunden : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gefunden : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Gefunden : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Gefunden : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Gefunden : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Gefunden : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Gefunden : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.170:44:50");
Gefunden : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Gefunden : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gefunden : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819");
Gefunden : user_pref("extensions.BabylonToolbar_i.hardId", "42dd5efb000000000000001bdc0fcd1e");
Gefunden : user_pref("extensions.BabylonToolbar_i.id", "42dd5efb000000000000001bdc0fcd1e");
Gefunden : user_pref("extensions.BabylonToolbar_i.instlDay", "15460");
Gefunden : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Gefunden : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Gefunden : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gefunden : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gefunden : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.170:44:50");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Gefunden : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.1.9,{a0442ee1-d2e7-44c0-b4a5-8c4e6b0357[...]
Gefunden : user_pref("keyword.URL", "hxxp://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_020&u=U[...]

*************************

AdwCleaner[R1].txt - [12302 octets] - [15/10/2012 22:11:57]

########## EOF - C:\AdwCleaner[R1].txt - [12363 octets] ##########

cosinus 16.10.2012 16:02
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Schnegge82 16.10.2012 18:58
Ok, Löschen durchgeführt. Der Rechner hat neu gestartet und folgenden Text ausgespukt:

Code:
# AdwCleaner v2.005 - Datei am 16/10/2012 um 19:47:14 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - BÜRO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : bProtector

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\user.js
Gelöscht mit Neustart : C:\ProgramData\bProtectorForWindows
Ordner Gelöscht : C:\Program Files\BabylonToolbar
Ordner Gelöscht : C:\ProgramData\Anti-phishing Domain Advisor
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\blekko toolbars
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Users\***\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\***\AppData\Local\Temp\BabylonToolbar
Ordner Gelöscht : C:\Users\***\AppData\Local\Temp\bProtectorForWindows
Ordner Gelöscht : C:\Users\***\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\***\Desktop\bProtectorForWindows
Ordner Gelöscht : C:\Users\***\Documents\bProtectorForWindows
Ordner Gelöscht : C:\Windows\system32\bProtectorForWindows

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\bProtector
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Anti-phishing Domain Advisor
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Anti-phishing Domain Advisor
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Anti-phishing Domain Advisor]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6001.18000

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=110819&babsrc=HP_ss&mntrId=42dd5efb000000000000001bdc0fcd1e --> hxxp://www.google.com

-\\ Mozilla Firefox v11.0 (de)

Profilname : default
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\prefs.js

C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\user.js ... Gelöscht !

Gelöscht : user_pref("avg.install.userHPSettings", "^hxxp://blekko\\.com/ws/\\?source=017d87aa.*");
Gelöscht : user_pref("avg.install.userSPSettings", "Blekko");
Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Blekko");
Gelöscht : user_pref("browser.search.order.1", "Blekko");
Gelöscht : user_pref("browser.search.selectedEngine", "Blekko");
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.babTrack", "affID=110819");
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 15);
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Gelöscht : user_pref("extensions.BabylonToolbar.hmpg", true);
Gelöscht : user_pref("extensions.BabylonToolbar.id", "42dd5efb000000000000001bdc0fcd1e");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15460");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=110819&babsrc=KW[...]
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 15);
Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.170:44:50");
Gelöscht : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "11.0");
Gelöscht : user_pref("extensions.BabylonToolbar.newTab", false);
Gelöscht : user_pref("extensions.BabylonToolbar.newTabUrl", "^hxxp://blekko\\.com/ws/\\?source=017d87aa.*");
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 88891087);
Gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
Gelöscht : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.170:44:50");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819");
Gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "42dd5efb000000000000001bdc0fcd1e");
Gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15460");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.170:44:50");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Gelöscht : user_pref("extensions.enabledAddons", "ffxtlbr@babylon.com:1.1.9,{a0442ee1-d2e7-44c0-b4a5-8c4e6b0357[...]
Gelöscht : user_pref("keyword.URL", "hxxp://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_020&u=U[...]

*************************

AdwCleaner[R1].txt - [12400 octets] - [15/10/2012 22:11:57]
AdwCleaner[S1].txt - [11541 octets] - [16/10/2012 19:47:14]

########## EOF - C:\AdwCleaner[S1].txt - [11602 octets] ##########
Der Toolbar ist übrigens im Browser verschwunden und ich hab das Gefühl es surft sich wieder schneller. :-)

Vielen Dank schon mal.

Ist meine Rechner den jetzt wieder sauber?

cosinus 17.10.2012 13:22
Hätte da mal zwei Fragen bevor es weiter geht (wir sind noch nicht fertig!)

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Schnegge82 29.11.2012 16:34
Moin Moin,

Sorry dass ich erst so spät antworte. War leider etwas länger ohne Internet :-(

Sieht alles gut aus. Windows läuft wieder und im Startmenü ist auch alles wie vorher.

Mir sind da auf der Festplatte allerdings noch ein paar merkwürdige Ordner aufgefallen in denen sich jeweils der Ordner "bProtectionForWindows" befindet:

0d53fb2df60fad5e2e18f6dc5ee5
2b2569472d675699af924504
16f64222d07c1d34d3c5e326568d1a
853c20ad8dfa86f7e869541106c0
6619f01411349fa75024cd067871
9696a39631d3572b27f7fbbd139a75
e4d3c533d85e520af54ff98ff9

cosinus 29.11.2012 16:41
Bitte nun Logs mit GMER (<<< klick für Anleitung) und aswMBR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur aswMBR aus.

aswMBR-Download => aswMBR.exe - speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe Vista und Win7 User mit Rechtsklick "als Admininstartor starten"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Schnegge82 02.12.2012 23:58
So, hab beide Scans durchgeführt. Das Ergebnis von GMER ist leider irgendwie zu lang um es in nem CODE-Tag zu posten, deshalb als Datei im Anhang.

Beim Scannen mit aswMBR ist das Programm beim ersten Scan abgestürzt. Beim Scannen mit der Einstellung "AV Scan" (none) hat's dann bis zum Ende geklappt. Hier das Ergebnis:
Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-02 21:44:54
-----------------------------
21:44:54.482    OS Version: Windows 6.0.6001 Service Pack 1
21:44:54.482    Number of processors: 2 586 0x170A
21:44:54.483    ComputerName: BÜRO-PC  UserName: ***
21:44:56.307    Initialize success
21:45:04.418    AVAST engine defs: 12120101
21:45:30.730    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:45:30.732    Disk 0 Vendor: SAMSUNG_HD103UJ 1AA01117 Size: 953869MB BusType: 3
21:45:31.015    Disk 0 MBR read successfully
21:45:31.017    Disk 0 MBR scan
21:45:31.021    Disk 0 Windows VISTA default MBR code
21:45:31.026    Disk 0 Partition 1 00    DE Dell Utility Dell 8.0      78 MB offset 63
21:45:31.060    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS        15360 MB offset 161792
21:45:31.163    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS      938429 MB offset 31619072
21:45:31.262    Disk 0 scanning sectors +1953521664
21:45:31.783    Disk 0 scanning C:\Windows\system32\drivers
21:46:21.550    Service scanning
21:46:40.221    Modules scanning
21:47:24.356    Disk 0 trace - called modules:
21:47:24.380    ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
21:47:24.383    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86200520]
21:47:24.386    3 CLASSPNP.SYS[8a80c745] -> nt!IofCallDriver -> [0x85742918]
21:47:24.389    5 acpi.sys[806976bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8571c8e0]
21:47:24.392    Scan finished successfully
22:42:12.198    Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
22:42:12.229    The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"

cosinus 03.12.2012 13:28
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Schnegge82 09.12.2012 17:27
So, geschafft. Hier die Log Datei von Combofix:


Combofix Logfile:
Code:
ComboFix 12-12-07.01 - *** 09.12.2012  16:52:01.1.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6001.1.1252.49.1031.18.3069.2009 [GMT 1:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee  Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee  Anti-Virus und Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\Mozilla Firefox\searchplugins\search.xml
c:\programdata\SPL2B1.tmp
c:\programdata\SPL69BA.tmp
c:\programdata\SPLAA27.tmp
c:\programdata\SPLE08E.tmp
c:\programdata\SPLE494.tmp
C:\timerintray
c:\users\***\AppData\Roaming\Help\coredb\storage
c:\users\***\AppData\Roaming\MSA
c:\windows\unin0407.exe
D:\AUTORUN.INF
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-11-09 bis 2012-12-09  ))))))))))))))))))))))))))))))
.
.
2012-12-09 16:03 . 2012-12-09 16:04        --------        d-----w-        c:\users\***\AppData\Local\temp
2012-12-09 16:03 . 2012-12-09 16:03        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-12-08 15:56 . 2012-04-20 15:40        146872        ----a-w-        c:\windows\system32\drivers\HipShieldK.sys
2012-12-08 15:46 . 2012-11-19 00:04        6812136        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{05625C12-553F-4826-8A3E-FA903151CCB5}\mpengine.dll
2012-12-08 15:45 . 2012-12-08 15:46        --------        d-----w-        C:\a11620652cd54cb7a848
2012-12-02 20:09 . 2012-12-02 20:09        --------        d-----w-        c:\users\***\bProtectorForWindows
2012-12-02 19:00 . 2012-12-02 19:00        --------        d-----w-        C:\bcf5bcbe93c4b8bbd8307d4f62
2012-11-29 14:21 . 2012-11-29 14:22        --------        d-----w-        C:\6619f01411349f7fa75024cd067871
2012-11-24 22:34 . 2012-11-24 22:34        --------        d-----w-        C:\2b2569472d675899af924504
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-31 14:10 . 2012-10-31 14:10        773968        ----a-w-        c:\windows\system32\msvcr100.dll
2012-10-31 14:10 . 2012-10-31 14:10        138056        ----a-w-        c:\windows\system32\atl100.dll
2012-05-19 08:13 . 2012-01-27 22:23        97208        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
2011-04-14 12:01 . 2011-06-01 22:06        24376        ----a-w-        c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}]
2012-03-19 17:35        85288        ----a-w-        c:\program files\blekkotb_020\blekkotb_019X.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"RGSC"="c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-13 6609440]
"dldtmon.exe"="c:\program files\Dell V305\dldtmon.exe" [2008-06-24 668912]
"dldtamon"="c:\program files\Dell V305\dldtamon.exe" [2008-06-24 16624]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-13 61440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"Dell DataSafe Online"="c:\program files\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-10-19 286720]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1278648]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-12-08 421736]
"PDFPrint"="c:\program files\PDF24\pdf24.exe" [2012-02-03 220744]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2009-07-16 165104]
"DSUpdateLauncher"="c:\program files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat" [2009-03-09 374]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2009-09-10 21:30        10536        ----a-w-        c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\bprote~1\21415~1.37\protec~1.dll
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs        REG_MULTI_SZ          BthServ
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-30 01:11]
.
2012-12-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-30 01:11]
.
2012-11-24 c:\windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
2012-11-24 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
2012-12-09 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - prefs.js: keyword.URL - hxxp://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_020&u=USERGUID&q=
FF - ExtSQL: !HIDDEN! 2009-10-01 12:29; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-{D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
HKCU-Run-avupdate - c:\users\***\AppData\Roaming\mahmud.exe
HKLM-Run-dellsupportcenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
AddRemove-LucasArts' Monkey4 - c:\windows\unin0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-12-09 17:04
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\SecuROM\License information*]
"datasecu"=hex:15,b9,70,90,f0,0f,71,a4,f1,32,fe,6b,1e,5d,f7,19,b0,2b,10,4f,ad,
  fa,99,d2,73,21,b8,23,4c,85,78,f2,06,fa,0e,94,22,8d,49,96,e9,82,ed,a1,71,24,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
Zeit der Fertigstellung: 2012-12-09  17:09:41
ComboFix-quarantined-files.txt  2012-12-09 16:09
.
Vor Suchlauf: 20 Verzeichnis(se), 600.695.287.808 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 614.374.952.960 Bytes frei
.
- - End Of File - - FB54E8D50871B9CE9555C98D7C43338F
--- --- ---

Keine Probleme beim Scannen oder danach.

cosinus 09.12.2012 18:12
adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Schnegge82 09.12.2012 20:26
Und hier das Ergebnis von adwCleaner:

Code:
# AdwCleaner v2.011 - Datei am 09/12/2012 um 20:17:55 erstellt
# Aktualisiert am 02/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - BÜRO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\bprotector_extensions.sqlite
Datei Gefunden : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\bprotector_prefs.js
Ordner Gefunden : C:\ProgramData\bProtectorForWindows
Ordner Gefunden : C:\Users\***\bProtectorForWindows
Ordner Gefunden : C:\Users\***\Desktop\bProtectorForWindows
Ordner Gefunden : C:\Windows\system32\bProtectorForWindows

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\bProtector
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6001.18639

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v11.0 (de)

Profilname : default
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\prefs.js

Gefunden : user_pref("keyword.URL", "hxxp://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_020&u=U[...]

*************************

AdwCleaner[R1].txt - [12400 octets] - [15/10/2012 21:11:57]
AdwCleaner[R2].txt - [1661 octets] - [09/12/2012 20:17:55]
AdwCleaner[S1].txt - [11672 octets] - [16/10/2012 18:47:14]

########## EOF - C:\AdwCleaner[R2].txt - [1782 octets] ##########

cosinus 10.12.2012 10:17
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.

Schnegge82 10.12.2012 16:07
So, hier erstmal das Ergebnis von adwcleaner:

Code:
# AdwCleaner v2.100 - Datei am 10/12/2012 um 15:33:31 erstellt
# Aktualisiert am 09/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - BÜRO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\bprotector_prefs.js
Gelöscht mit Neustart : C:\ProgramData\bProtectorForWindows
Ordner Gelöscht : C:\Users\***\bProtectorForWindows
Ordner Gelöscht : C:\Users\***\Desktop\bProtectorForWindows
Ordner Gelöscht : C:\Windows\system32\bProtectorForWindows

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\bProtector
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6001.18639

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v11.0 (de)

Profilname : default
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\prefs.js

Gelöscht : user_pref("keyword.URL", "hxxp://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_020&u=U[...]

*************************

AdwCleaner[R1].txt - [12400 octets] - [15/10/2012 21:11:57]
AdwCleaner[R2].txt - [1830 octets] - [09/12/2012 20:17:55]
AdwCleaner[S1].txt - [11672 octets] - [16/10/2012 18:47:14]
AdwCleaner[S2].txt - [1790 octets] - [10/12/2012 15:33:31]

########## EOF - C:\AdwCleaner[S2].txt - [1850 octets] ##########
hier das erste Logfile von OTL (OTL.txt):

OTL Logfile:
Code:
OTL logfile created on: 10.12.2012 15:37:33 - Run 5
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 65,07% Memory free
6,19 Gb Paging File | 5,12 Gb Available in Paging File | 82,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 572,80 Gb Free Space | 62,50% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,73 Gb Free Space | 44,86% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
PRC - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Programme\Dell V305\dldtmsdmon.exe ()
PRC - C:\Programme\Dell V305\dldtmon.exe ()
PRC - C:\Windows\System32\dldtcoms.exe ( )
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - c:\ProgramData\bProtectorForWindows\2.1.415.37\protector.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\27eaca82076bc4478f5bfcaeb5cf619d\MenuSkinning.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\0868e07af5399e58078c7e252545a277\VistaBridgeLibrary.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\18f2261a32e4aa98d770c405554bd8d5\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\c31d3b435c5a131be0e2194b1cbf6e06\DellDock.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\03d071f52aaf45436629f91584eb96c1\MyDock.Util.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\51bdab63dd9dbcddbfef9c82bffdbd59\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f183e57f94e56ac92ee99eed8e63943d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bc78764e2649bd53edc5c9884efba391\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3331.38812__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3331.38896__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3331.38859__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3331.38795__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3331.38897__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3331.38860__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3331.38874__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3331.38802__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3331.38853__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3331.38858__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3331.38895__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3331.38809__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3331.38838__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3331.38803__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3331.38841__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3331.38869__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3331.38804__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3331.38815__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3331.38835__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3331.38818__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3331.38852__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3309.28647__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3331.38890__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3331.38888__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3331.38906__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3331.38791__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3331.38799__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3331.38808__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3331.38793__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3331.38793__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3331.38792__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3331.38794__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3331.38791__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3331.38889__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Programme\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\libxml2.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\PSTVdsDisk.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\DataSafeOnline.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\SdbUI.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Programme\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\Programme\Dell DataSafe Online\CppUtils.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Dell V305\dldtmsdmon.exe ()
MOD - C:\Programme\Dell V305\dldtmon.exe ()
MOD - C:\Programme\Dell V305\app4r.monitor.core.dll ()
MOD - C:\Programme\Dell V305\app4r.monitor.common.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Programme\Dell V305\dldtdrs.dll ()
MOD - C:\Programme\Dell V305\dldtscw.dll ()
MOD - C:\Programme\Dell V305\dldtcaps.dll ()
MOD - C:\Programme\Dell V305\dldtmonr.dll ()
MOD - C:\Programme\Dell V305\dldtcfg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Programme\Dell V305\dldtcnv4.dll ()
MOD - C:\Programme\Dell V305\dldtdatr.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (0243381355067586mcinstcleanup) -- C:\Windows\TEMP\024338~1.EXE File not found
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (dldtCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe ()
SRV - (dldt_device) -- C:\Windows\System32\dldtcoms.exe ( )
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (mfeavfk01) --  File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\***\AppData\Local\Temp\catchme.sys File not found
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (hotcore3) -- C:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}:1.3.19.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012.12.10 15:38:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.19 09:13:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.30 22:19:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.12.08 16:58:34 | 000,000,000 | ---D | M]
 
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.11.29 15:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions
[2011.03.05 20:08:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.26 16:30:53 | 000,000,000 | ---D | M] (blekko search bar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}
[2012.01.27 23:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.19 09:13:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012.03.04 19:35:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.04 19:35:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.04 19:35:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.04 19:35:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.04 19:35:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.04 19:35:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.12.09 17:03:57 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20120829171946.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (blekko search bar) - {a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} - C:\Programme\blekkotb_020\blekkotb_019X.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dldtamon] C:\Program Files\Dell V305\dldtamon.exe ()
O4 - HKLM..\Run: [dldtmon.exe] C:\Program Files\Dell V305\dldtmon.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] c:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat ()
O4 - HKLM..\RunOnce: [Launcher] C:\Programme\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39CC662D-6A20-4FED-825D-D0B2AB1A6221}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\bprote~1\21415~1.37\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.1.415.37\protector.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.10 15:39:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.12.10 15:34:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\bProtectorForWindows
[2012.12.09 17:09:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.09 17:09:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\temp
[2012.12.09 17:09:47 | 000,000,000 | ---D | C] -- C:\bProtectorForWindows
[2012.12.09 16:47:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.09 16:47:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.09 16:47:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.09 16:47:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.09 16:47:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.09 16:40:20 | 005,010,414 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2012.12.08 16:56:42 | 000,146,872 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2012.12.08 16:45:51 | 000,000,000 | ---D | C] -- C:\a11620652cd54cb7a848
[2012.12.02 20:00:03 | 000,000,000 | ---D | C] -- C:\bcf5bcbe93c4b8bbd8307d4f62
[2012.12.02 19:55:53 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.11.29 15:21:45 | 000,000,000 | ---D | C] -- C:\6619f01411349f7fa75024cd067871
[2012.11.24 23:34:16 | 000,000,000 | ---D | C] -- C:\2b2569472d675899af924504
[2010.01.12 20:03:09 | 008,653,312 | ---- | C] (Dell, Inc.                                                  ) -- C:\Users\***\AppData\Roaming\DataSafeDotNet.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.10 15:39:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.12.10 15:34:58 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.10 15:34:57 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.10 15:34:57 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.10 15:34:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.10 15:34:45 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.10 15:34:14 | 000,001,034 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.12.10 15:31:18 | 000,545,819 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.10 15:22:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.09 17:03:57 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.12.09 16:40:57 | 005,010,414 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2012.12.02 23:51:35 | 000,058,778 | ---- | M] () -- C:\Users\***\Desktop\GMER_LOG.zip
[2012.12.02 22:42:12 | 000,000,512 | ---- | M] () -- C:\Users\***\Desktop\MBR.dat
[2012.12.02 20:01:18 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\509y08cl.exe
[2012.12.02 19:56:35 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.11.29 16:16:30 | 000,002,633 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Excel 2007.lnk
[2012.11.29 15:49:00 | 000,002,735 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Outlook 2007.lnk
[2012.11.24 23:28:19 | 000,002,631 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk
[2012.11.24 23:27:37 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.11.24 23:27:37 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.11.18 23:31:29 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.18 23:31:29 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.18 23:31:29 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.18 23:31:29 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.12.10 15:32:37 | 000,545,819 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.09 16:47:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.09 16:47:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.09 16:47:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.09 16:47:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.09 16:47:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.02 23:51:34 | 000,058,778 | ---- | C] () -- C:\Users\***\Desktop\GMER_LOG.zip
[2012.12.02 22:42:12 | 000,000,512 | ---- | C] () -- C:\Users\***\Desktop\MBR.dat
[2012.12.02 20:01:06 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\509y08cl.exe
[2012.11.18 23:34:15 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.10.07 15:26:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.05.15 20:31:31 | 000,211,046 | ---- | C] () -- C:\Users\***\Antrag ****  Antrag.pdf
[2011.08.11 21:43:16 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.06.29 19:24:10 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2011.06.29 19:24:10 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2011.04.23 23:52:22 | 000,000,008 | -H-- | C] () -- C:\Users\***\AppData\Local\L8457789110
[2011.01.21 23:53:36 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2009.09.18 21:30:19 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2009.09.18 21:26:12 | 000,175,616 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.09.11 08:00:41 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 03:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
--- --- ---


und das zweite Logfile von OTL (Extras.txt):

OTL Logfile:
Code:
OTL Extras logfile created on: 10.12.2012 15:37:33 - Run 5
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 65,07% Memory free
6,19 Gb Paging File | 5,12 Gb Available in Paging File | 82,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 572,80 Gb Free Space | 62,50% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,73 Gb Free Space | 44,86% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079FD4DE-DC19-4404-9F61-05790E718CE8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12546D2A-A88E-4282-95C6-6E6D5E7AF693}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{22F260BB-3576-44E6-8E5F-08C0FA9369DD}" = lport=80 | protocol=17 | dir=in | name=receiver |
"{31D53028-76E0-4913-AF0C-74C80B70F051}" = rport=10243 | protocol=6 | dir=out | app=system |
"{32A1FDB5-300F-498E-AE31-6430C3DDFCF1}" = rport=137 | protocol=17 | dir=out | app=system |
"{3319912E-4022-4B60-A3B5-AA937CA7B199}" = lport=2869 | protocol=6 | dir=in | app=system |
"{43DC0B1F-6C75-4287-9DBD-6934F6DA5C04}" = rport=139 | protocol=6 | dir=out | app=system |
"{53D8F01C-2515-47B9-8E37-F10CC9A37FB2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{72714D68-0EA6-47B8-B520-321481388ABD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8237E849-E26E-4C7A-9A02-A5A30E8FF83C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{932470C7-BFF7-421A-A6B2-10149961195B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A559B4D0-1C98-4889-8463-C9106DD20758}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAF75F21-2A3B-4B12-9B28-3BF095AD5129}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B227456B-158C-4A15-866F-6C72077738E5}" = lport=139 | protocol=6 | dir=in | app=system |
"{CCA4353B-ADEB-4118-BDBD-DEDC3C850035}" = rport=138 | protocol=17 | dir=out | app=system |
"{CF4CE158-77A8-4197-96EB-6DD8352C0B00}" = lport=138 | protocol=17 | dir=in | app=system |
"{D0D81549-3396-44A4-B808-F62B2CE78590}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5429371-803F-4155-B017-9791F30462BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8C365A0-80C1-4272-B17E-9C448371AD8B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E23BB5B2-21E3-4DB1-BD34-F2A44AE2C5FF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECE25BE3-C9C6-4BCB-93E8-D8FD7E5C3F0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{F27D466E-47E3-4B25-8113-E069F19F3622}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F27D5CD6-B255-481D-9E2F-BFA2A2445375}" = lport=137 | protocol=17 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020D2969-F13F-4996-A4DD-EDA88A3BDB5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{071B7923-9A3B-454F-9F2F-0F67F3904A5A}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{0A45F96E-EE12-4CEB-8C41-7A10D309C1B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F2BE6AE-7A7C-438D-BB59-9214609DA5E0}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{18F8572A-D7DC-4260-AB52-1B90455C2389}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{199B6D89-DFBB-4272-BFF7-421100CF4D52}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{1C107C1A-B68C-4BF5-AFB7-5CE1BD6C94A8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1F078DE4-6D74-45A9-B58B-98123F484144}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{25AF695F-C23D-47E6-854C-266F166FC045}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{261DA95C-AA33-480A-AAB6-8D4E9F6E84B1}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{2C9F5560-6B61-4552-9317-A1C4594151CA}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{31DC5165-1B8D-4917-B1A8-6BA58818DAC9}" = protocol=6 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{325F2C96-8333-4BD1-932A-12F66352AE14}" = protocol=6 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{3876A086-D31C-4626-AE2D-3F1100E85A50}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{3B593FBA-3111-468C-AD40-725210F879D7}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{44887DFE-049F-446E-927C-2DD0F76647C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{472A765A-E5C2-4256-821D-9CBF84E65988}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{49F5A5BC-DC11-4822-8C4A-7D037610E929}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4BAF0678-2642-44BD-B0AF-A481F350989E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4CAE3D57-AB34-4595-B65A-D83DF29303EC}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{542B4BD4-845D-469B-BE4E-89789888AE83}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5717672A-6621-49FC-9256-E40ABD392992}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59A9D8F1-769A-4CC0-9CA8-A24036F0F83E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5DEBB0BD-0933-4753-8E60-24C62EF7F0C6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{60AE3C3A-3616-4CA2-AFC4-E825863C0127}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62AD5464-3036-4186-9ADC-EB33D2096D43}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6310EC91-D7DC-430F-8010-9EF6D9C0F054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{648B325F-4804-418D-85BC-D6A02A0BD643}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65272EA4-6860-4EEC-AC20-A8BD3504C32B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6941B5EB-325E-4B98-89DA-C41C7A145378}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{6D64474B-D825-472C-86F0-F1BDA28E7994}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{7846EFB1-7A27-466C-B03A-ABB0BD8EB725}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{7AA39480-0C95-4E0E-8ED1-613A17C34841}" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"{8429C5B8-15AE-4C4F-B0F0-BD52770DBA9C}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{867CC7B7-214D-4256-A92F-FEE5B7F3883B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{86B54175-27F4-4661-A6DD-E41BDC795D3E}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{8CD53841-2AF3-4E97-8AAF-721B583CE8E0}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{910A02EB-8EA1-40CA-8874-F9DB786A7CDA}" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"{953596F5-9625-4027-BD9E-91507EDD754C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9F76788E-5A8E-482A-A4C2-132FE1DE549A}" = protocol=17 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{A2AFE5C1-019A-4AB9-8627-F3230111F373}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{A4DA14CE-58DE-4F9D-8C0E-6C9EA7298BE5}" = protocol=17 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{A65CE731-60F9-4CE6-B7D7-8BF4C651F74F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9FB3EB1-FA0D-4F45-865E-1BCFEE561B25}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{AB384FFE-5526-4583-8D52-0C4E623C146D}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{B154E59E-8726-4E17-A780-E41CA5C802A4}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{B24D9E52-2864-4F29-A423-F568F9DC0E2F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B4A083D8-7369-4F16-A609-C61D52B3CAB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B5E30D30-5114-44CA-8678-6DC81BF3E646}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B67B8A51-F06A-4850-A4CB-5EAC793BF844}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C123ADFE-B6E4-4EF9-A97E-2CF38E15F6DD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{C4F590E0-AE5D-43D3-AF61-4B674F643337}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CBA05323-00BA-4AA6-AF1B-8ADE4323E1DC}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{CEDBA156-FF2E-48A3-B7BA-8F7770310B4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CEFBCFCF-3022-42E0-A73D-76639838C400}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1C33DED-DD39-4C79-B946-C8594755A549}" = protocol=6 | dir=out | app=system |
"{DFB48B6A-50EF-4AD0-BC8A-E4EF6E46356F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E48BE109-C248-4E0C-84AA-7835C1F09EB3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{E5B00193-1E99-46ED-A37F-1070BE6163BF}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{E9AB3BFC-8241-46AD-83FE-643BCD0701B9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{EDBF2B19-B309-4B9F-9D0D-D701E8C0C257}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5208DA2-6EF4-4C76-851C-6C53656D5DD2}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{F7CF5709-3090-462E-A222-CFE8546AB305}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"TCP Query User{267F1D74-5EA9-48EB-B043-82BC471B6B12}C:\program files\dell v305\frun.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"TCP Query User{495B4E6F-7B5E-4B60-8FA8-0126359570E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"TCP Query User{5B964673-8D25-4CE8-B516-409317D20112}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{6C2AA7CE-7958-4A31-B3F6-E56CEF54952E}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{98B8DFB4-A136-4A00-8550-D43792EEF55A}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{9DCD40C7-75E4-4A0B-97D4-382AF1A88F60}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{FDB8F04B-A87A-408B-B4C4-338D8003519D}C:\program files\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"UDP Query User{1A5C6D1E-A6D9-4B6C-912E-C0F26D6D6072}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{2C398C82-7EB7-422A-8590-A7F0B3CA1A0A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{60437BE4-48E1-4897-84A8-A553676CA139}C:\program files\dell v305\frun.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"UDP Query User{725DB65A-B6B9-4AA3-916A-DAA410A221E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"UDP Query User{A8EA4F0F-7E3F-41B6-9834-8433532D150A}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{B5989A5D-438E-47E3-A32E-873E4BABC416}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{E5DF9D08-2C6B-49CE-88A7-F9DA7BDF695E}C:\program files\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{04D5E56E-F323-27F2-C075-EF1AE9A3CF2B}" = Catalyst Control Center Graphics Light
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07288267-318E-9B78-B04E-984F9149EE24}" = Catalyst Control Center Graphics Previews Common
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B23ACC5-88A6-FEE4-0131-8777A1BA0B68}" = Catalyst Control Center Graphics Previews Vista
"{0CD81D7E-94E2-D230-E37E-C9B16E90D01C}" = CCC Help Italian
"{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1252F398-5142-4D81-AD31-8B0204C26E8C}" = ARIS Express
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{16A7FAD8-EE4F-C413-8359-833A3B2D39FB}" = CCC Help Portuguese
"{18364179-C5E5-F826-E2FC-D99D575AF997}" = Catalyst Control Center Localization All
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29258311-EA49-11DE-967C-005056C00008}" = Paragon Festplatten Manager™ 2011 Suite Demo
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}" = Diagnostics32
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47C72DA6-E7AC-984C-5475-15A65F9B41BE}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A918155-6399-4673-0D08-85A0DBEC1389}" = CCC Help Chinese Traditional
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{537791BE-B032-D116-0C59-13541E17BFEA}" = CCC Help English
"{5441F067-5AF8-4284-9A8C-FD98DF05C981}" = Omron Health Management Software
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{60379D61-4F60-4C0D-ADB0-7670BD513AE1}" = Pubs
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66DAE8D7-D5F7-462F-5815-102EE4B191C4}" = CCC Help Korean
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{763B809A-6874-5979-CD69-39491392262C}" = Catalyst Control Center InstallProxy
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E910FDA-CBBE-4451-8728-235E6A4DE162}" = Sony Ericsson Media Manager 1.1
"{7FE440D8-8F16-24CA-81B6-7DEB4D6BF92D}" = CCC Help Hungarian
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.3.0
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{88D3B829-DBA4-D839-33BF-9A5794CC21EB}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9044B9A5-B7D7-3EA2-B20B-49A47853D62F}" = CCC Help Spanish
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A7F37935-A880-8657-79CE-F98BF3A358E1}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B297076F-905F-7E13-57EF-7D254EBB7589}" = CCC Help Japanese
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3F9AC0D-3A6D-42F7-8A44-80335A366233}" = Install
"{C61E46F5-0699-400B-B9BF-899349F10776}" = Wireless Setup Utility 32
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1B8C6AC-C4F8-E8AF-E157-AF3E16B97903}" = CCC Help French
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition
"{DC702FC1-4746-CD99-0578-02839474C2F8}" = Skins
"{DCCB7F99-84DC-6558-1406-AB775DD202BD}" = ccc-utility
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E00B477F-8558-45DA-B25A-69935FB89A94}" = Dell Dock
"{E59145A6-2D21-9E5C-6551-ACA2539CDE50}" = ccc-core-static
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E89371A0-2FCD-F518-EECB-09AB27724CEE}" = CCC Help German
"{EACCC991-8E8C-4397-8854-349506741FC9}" = FileMaker Pro 11
"{EACCC991-8E8C-4397-8854-349506741FC9}_FileMaker" = FileMaker Pro 11
"{ED06F22F-DADB-E713-2E49-EEB154950285}" = Catalyst Control Center Graphics Full Existing
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{ED83A136-0255-11D5-ABDE-00E07D81F9B8}" = Schiene und Strasse
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4953044-0533-4F01-B0FC-1D271AB998D8}" = Inkjet Toolbox
"{F6706DF9-B0B6-8496-F302-BF511197A32F}" = Catalyst Control Center Core Implementation
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"blekkotb_020" = blekko search bar
"Dell Support Center" = Dell Support Center
"Dell V305" = Dell V305
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Flight Simulator 8.0" = Microsoft Flight Simulator 2002
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"King" = King
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mediaport" = Mediaport
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MPE" = MyPhoneExplorer
"MSC" = McAfee SecurityCenter
"Office14.PRJPROR" = Microsoft Project Professional 2010
"TomTom HOME" = TomTom HOME 2.8.2.2264
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wisepilot_is1" = Wisepilot 4.0
"XMedia Recode" = XMedia Recode 2.2.5.8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
[ System Events ]
Error - 10.12.2012 10:20:28 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 10.12.2012 10:20:50 | Computer Name = Büro-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
 
Error - 10.12.2012 10:22:03 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 10.12.2012 10:22:03 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10.12.2012 10:29:25 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 10.12.2012 10:30:51 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 10.12.2012 10:30:51 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10.12.2012 10:34:54 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 10.12.2012 10:36:30 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 10.12.2012 10:36:30 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >
--- --- ---

cosinus 10.12.2012 16:24

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:OTL
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O20 - AppInit_DLLs: (c:\progra~2\bprote~1\21415~1.37\protec~1.dll) - c:\ProgramData\bProtectorForWindows\2.1.415.37\protector.dll ()
:Files
c:\ProgramData\bProtectorForWindows
C:\Windows\System32\bProtectorForWindows
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread

Schnegge82 10.12.2012 17:56
Hier der Inhalt aus der Texdatei:

Code:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
Registry value HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\bprote~1\21415~1.37\protec~1.dll deleted successfully.
File move failed. c:\ProgramData\bProtectorForWindows\2.1.415.37\protector.dll scheduled to be moved on reboot.
========== FILES ==========
Folder move failed. c:\ProgramData\bProtectorForWindows\2.1.415.37 scheduled to be moved on reboot.
Folder move failed. c:\ProgramData\bProtectorForWindows scheduled to be moved on reboot.
C:\Windows\System32\bProtectorForWindows\2.1.415.37 folder moved successfully.
C:\Windows\System32\bProtectorForWindows folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\***\Desktop\cmd.bat deleted successfully.
C:\Users\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 64599977 bytes
->Java cache emptied: 88613193 bytes
->FireFox cache emptied: 61389637 bytes
->Flash cache emptied: 39150 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 538941 bytes
 
Total Files Cleaned = 205,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 12102012_174304

Files\Folders moved on Reboot...
File move failed. c:\ProgramData\bProtectorForWindows\2.1.415.37\protector.dll scheduled to be moved on reboot.
Folder move failed. c:\ProgramData\bProtectorForWindows\2.1.415.37 scheduled to be moved on reboot.
Folder move failed. c:\ProgramData\bProtectorForWindows\2.1.415.37 scheduled to be moved on reboot.
Folder move failed. c:\ProgramData\bProtectorForWindows scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
In meinem Browser ist übrigens die Einstellung für die Startseite verloren gegangen. War vorher Google, ist jetzt aber "^hxxp://blekko\.com/ws/\?source=017d87aa.*". Beim Starten des Browsers war da nur ein leeres Fenster.

cosinus 10.12.2012 19:57
Ist dieses blekko überhaupt von dir gewollt?

Eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.

Schnegge82 11.12.2012 20:55
Nee, keine Ahnung was das ist. Hab eigentlich was anderes als Startseite. Kann das nur irgendwie nicht wieder richtig einstellen. Wenn ich die Einstellung für die Startseite ändere, ist beim nächsten öffnen leider immer wieder dieses blekko als Startseite eingestellt.

Hier die OTL.txt:

Code:
OTL logfile created on: 11.12.2012 19:55:28 - Run 6
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,29% Memory free
6,21 Gb Paging File | 4,80 Gb Available in Paging File | 77,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 573,96 Gb Free Space | 62,63% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,73 Gb Free Space | 44,87% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
PRC - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Programme\Dell V305\dldtmsdmon.exe ()
PRC - C:\Programme\Dell V305\dldtmon.exe ()
PRC - C:\Windows\System32\dldtcoms.exe ( )
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\27eaca82076bc4478f5bfcaeb5cf619d\MenuSkinning.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\0868e07af5399e58078c7e252545a277\VistaBridgeLibrary.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\18f2261a32e4aa98d770c405554bd8d5\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\c31d3b435c5a131be0e2194b1cbf6e06\DellDock.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\03d071f52aaf45436629f91584eb96c1\MyDock.Util.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\51bdab63dd9dbcddbfef9c82bffdbd59\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f183e57f94e56ac92ee99eed8e63943d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bc78764e2649bd53edc5c9884efba391\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3331.38812__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3331.38896__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3331.38859__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3331.38795__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3331.38897__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3331.38860__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3331.38874__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3331.38802__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3331.38853__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3331.38858__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3331.38895__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3331.38809__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3331.38838__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3331.38803__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3331.38841__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3331.38869__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3331.38804__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3331.38815__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3331.38835__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3331.38818__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3331.38852__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3309.28647__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3331.38890__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3331.38888__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3331.38906__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3331.38791__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3331.38799__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3331.38808__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3331.38793__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3331.38793__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3331.38792__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3331.38794__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3331.38791__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3331.38889__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Programme\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\libxml2.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\PSTVdsDisk.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\DataSafeOnline.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\SdbUI.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Programme\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\Programme\Dell DataSafe Online\CppUtils.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Dell V305\dldtmsdmon.exe ()
MOD - C:\Programme\Dell V305\dldtmon.exe ()
MOD - C:\Programme\Dell V305\app4r.monitor.core.dll ()
MOD - C:\Programme\Dell V305\app4r.monitor.common.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Programme\Dell V305\dldtdrs.dll ()
MOD - C:\Programme\Dell V305\dldtscw.dll ()
MOD - C:\Programme\Dell V305\dldtcaps.dll ()
MOD - C:\Programme\Dell V305\dldtmonr.dll ()
MOD - C:\Programme\Dell V305\dldtcfg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Programme\Dell V305\dldtcnv4.dll ()
MOD - C:\Programme\Dell V305\dldtdatr.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (0243381355067586mcinstcleanup) -- C:\Windows\TEMP\024338~1.EXE File not found
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (dldtCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe ()
SRV - (dldt_device) -- C:\Windows\System32\dldtcoms.exe ( )
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (mfeavfk01) --  File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\***\AppData\Local\Temp\catchme.sys File not found
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (hotcore3) -- C:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Blekko"
FF - prefs.js..browser.search.order.1: "Blekko"
FF - prefs.js..browser.search.selectedEngine: "Blekko"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "^hxxp://blekko\\.com/ws/\\?source=017d87aa.*"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - prefs.js..keyword.URL: "^hxxp://blekko\\.com/ws/\\?source=.*"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012.12.11 19:49:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.19 09:13:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.30 22:19:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.12.08 16:58:34 | 000,000,000 | ---D | M]
 
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.11.29 15:33:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions
[2011.03.05 20:08:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.11.26 16:30:53 | 000,000,000 | ---D | M] (blekko search bar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}
[2012.01.27 23:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.19 09:13:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012.03.04 19:35:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.04 19:35:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.04 19:35:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.04 19:35:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.04 19:35:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.04 19:35:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.12.10 17:43:50 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20120829171946.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (blekko search bar) - {a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} - C:\Programme\blekkotb_020\blekkotb_019X.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (blekko search bar) - {a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} - C:\Programme\blekkotb_020\blekkotb_019X.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dldtamon] C:\Program Files\Dell V305\dldtamon.exe ()
O4 - HKLM..\Run: [dldtmon.exe] C:\Program Files\Dell V305\dldtmon.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] c:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat ()
O4 - HKLM..\RunOnce: [Launcher] C:\Programme\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39CC662D-6A20-4FED-825D-D0B2AB1A6221}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\bprote~1\21415~1.37\protec~1.dll) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.11 19:50:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.12.10 17:43:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\bProtectorForWindows
[2012.12.10 17:43:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.12.10 15:46:16 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\bProtectorForWindows
[2012.12.09 17:09:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.09 17:09:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\temp
[2012.12.09 17:09:47 | 000,000,000 | ---D | C] -- C:\bProtectorForWindows
[2012.12.09 16:47:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.09 16:47:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.09 16:47:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.09 16:47:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.09 16:47:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.09 16:40:20 | 005,010,414 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2012.12.08 16:56:42 | 000,146,872 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2012.12.08 16:45:51 | 000,000,000 | ---D | C] -- C:\a11620652cd54cb7a848
[2012.12.02 20:00:03 | 000,000,000 | ---D | C] -- C:\bcf5bcbe93c4b8bbd8307d4f62
[2012.12.02 19:55:53 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.11.29 15:21:45 | 000,000,000 | ---D | C] -- C:\6619f01411349f7fa75024cd067871
[2012.11.24 23:34:16 | 000,000,000 | ---D | C] -- C:\2b2569472d675899af924504
[2010.01.12 20:03:09 | 008,653,312 | ---- | C] (Dell, Inc.                                                  ) -- C:\Users\***\AppData\Roaming\DataSafeDotNet.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.11 19:59:01 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.12.11 19:46:13 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.11 19:46:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.11 19:46:12 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.11 19:46:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.11 19:45:58 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.10 18:33:30 | 000,001,034 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.12.10 17:43:50 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.12.10 17:22:04 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.10 15:58:59 | 000,000,008 | -H-- | M] () -- C:\Users\***\AppData\Local\L8457789110
[2012.12.10 15:31:18 | 000,545,819 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.09 16:40:57 | 005,010,414 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2012.12.02 23:51:35 | 000,058,778 | ---- | M] () -- C:\Users\***\Desktop\GMER_LOG.zip
[2012.12.02 22:42:12 | 000,000,512 | ---- | M] () -- C:\Users\***\Desktop\MBR.dat
[2012.12.02 20:01:18 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\509y08cl.exe
[2012.12.02 19:56:35 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.11.29 16:16:30 | 000,002,633 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Excel 2007.lnk
[2012.11.29 15:49:00 | 000,002,735 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Outlook 2007.lnk
[2012.11.24 23:28:19 | 000,002,631 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk
[2012.11.24 23:27:37 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.11.24 23:27:37 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.11.18 23:31:29 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.18 23:31:29 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.18 23:31:29 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.18 23:31:29 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.12.10 15:32:37 | 000,545,819 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.09 16:47:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.09 16:47:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.09 16:47:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.09 16:47:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.09 16:47:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.02 23:51:34 | 000,058,778 | ---- | C] () -- C:\Users\***\Desktop\GMER_LOG.zip
[2012.12.02 22:42:12 | 000,000,512 | ---- | C] () -- C:\Users\***\Desktop\MBR.dat
[2012.12.02 20:01:06 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\509y08cl.exe
[2012.11.18 23:34:15 | 000,000,564 | ---- | C] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2012.10.07 15:26:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.05.15 20:31:31 | 000,211,046 | ---- | C] () -- C:\Users\***\Antrag ****  Antrag.pdf
[2011.08.11 21:43:16 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.06.29 19:24:10 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2011.06.29 19:24:10 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2011.04.23 23:52:22 | 000,000,008 | -H-- | C] () -- C:\Users\***\AppData\Local\L8457789110
[2011.01.21 23:53:36 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2009.09.18 21:30:19 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2009.09.18 21:26:12 | 000,175,616 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.09.11 08:00:41 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 03:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


und die Extras.txt:

Code:
OTL Extras logfile created on: 11.12.2012 19:55:28 - Run 6
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 61,29% Memory free
6,21 Gb Paging File | 4,80 Gb Available in Paging File | 77,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 573,96 Gb Free Space | 62,63% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,73 Gb Free Space | 44,87% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079FD4DE-DC19-4404-9F61-05790E718CE8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12546D2A-A88E-4282-95C6-6E6D5E7AF693}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{22F260BB-3576-44E6-8E5F-08C0FA9369DD}" = lport=80 | protocol=17 | dir=in | name=receiver |
"{31D53028-76E0-4913-AF0C-74C80B70F051}" = rport=10243 | protocol=6 | dir=out | app=system |
"{32A1FDB5-300F-498E-AE31-6430C3DDFCF1}" = rport=137 | protocol=17 | dir=out | app=system |
"{3319912E-4022-4B60-A3B5-AA937CA7B199}" = lport=2869 | protocol=6 | dir=in | app=system |
"{43DC0B1F-6C75-4287-9DBD-6934F6DA5C04}" = rport=139 | protocol=6 | dir=out | app=system |
"{53D8F01C-2515-47B9-8E37-F10CC9A37FB2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{72714D68-0EA6-47B8-B520-321481388ABD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8237E849-E26E-4C7A-9A02-A5A30E8FF83C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{932470C7-BFF7-421A-A6B2-10149961195B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A559B4D0-1C98-4889-8463-C9106DD20758}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAF75F21-2A3B-4B12-9B28-3BF095AD5129}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B227456B-158C-4A15-866F-6C72077738E5}" = lport=139 | protocol=6 | dir=in | app=system |
"{CCA4353B-ADEB-4118-BDBD-DEDC3C850035}" = rport=138 | protocol=17 | dir=out | app=system |
"{CF4CE158-77A8-4197-96EB-6DD8352C0B00}" = lport=138 | protocol=17 | dir=in | app=system |
"{D0D81549-3396-44A4-B808-F62B2CE78590}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5429371-803F-4155-B017-9791F30462BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8C365A0-80C1-4272-B17E-9C448371AD8B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E23BB5B2-21E3-4DB1-BD34-F2A44AE2C5FF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECE25BE3-C9C6-4BCB-93E8-D8FD7E5C3F0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{F27D466E-47E3-4B25-8113-E069F19F3622}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F27D5CD6-B255-481D-9E2F-BFA2A2445375}" = lport=137 | protocol=17 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020D2969-F13F-4996-A4DD-EDA88A3BDB5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{071B7923-9A3B-454F-9F2F-0F67F3904A5A}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{0A45F96E-EE12-4CEB-8C41-7A10D309C1B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F2BE6AE-7A7C-438D-BB59-9214609DA5E0}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{18F8572A-D7DC-4260-AB52-1B90455C2389}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{199B6D89-DFBB-4272-BFF7-421100CF4D52}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{1C107C1A-B68C-4BF5-AFB7-5CE1BD6C94A8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1F078DE4-6D74-45A9-B58B-98123F484144}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{25AF695F-C23D-47E6-854C-266F166FC045}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{261DA95C-AA33-480A-AAB6-8D4E9F6E84B1}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{2C9F5560-6B61-4552-9317-A1C4594151CA}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{31DC5165-1B8D-4917-B1A8-6BA58818DAC9}" = protocol=6 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{325F2C96-8333-4BD1-932A-12F66352AE14}" = protocol=6 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{3876A086-D31C-4626-AE2D-3F1100E85A50}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{3B593FBA-3111-468C-AD40-725210F879D7}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{44887DFE-049F-446E-927C-2DD0F76647C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{472A765A-E5C2-4256-821D-9CBF84E65988}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{49F5A5BC-DC11-4822-8C4A-7D037610E929}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4BAF0678-2642-44BD-B0AF-A481F350989E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4CAE3D57-AB34-4595-B65A-D83DF29303EC}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{542B4BD4-845D-469B-BE4E-89789888AE83}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5717672A-6621-49FC-9256-E40ABD392992}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59A9D8F1-769A-4CC0-9CA8-A24036F0F83E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5DEBB0BD-0933-4753-8E60-24C62EF7F0C6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{60AE3C3A-3616-4CA2-AFC4-E825863C0127}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62AD5464-3036-4186-9ADC-EB33D2096D43}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6310EC91-D7DC-430F-8010-9EF6D9C0F054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{648B325F-4804-418D-85BC-D6A02A0BD643}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65272EA4-6860-4EEC-AC20-A8BD3504C32B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6941B5EB-325E-4B98-89DA-C41C7A145378}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{6D64474B-D825-472C-86F0-F1BDA28E7994}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{7846EFB1-7A27-466C-B03A-ABB0BD8EB725}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{7AA39480-0C95-4E0E-8ED1-613A17C34841}" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"{8429C5B8-15AE-4C4F-B0F0-BD52770DBA9C}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{867CC7B7-214D-4256-A92F-FEE5B7F3883B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{86B54175-27F4-4661-A6DD-E41BDC795D3E}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{8CD53841-2AF3-4E97-8AAF-721B583CE8E0}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{910A02EB-8EA1-40CA-8874-F9DB786A7CDA}" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"{953596F5-9625-4027-BD9E-91507EDD754C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9F76788E-5A8E-482A-A4C2-132FE1DE549A}" = protocol=17 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{A2AFE5C1-019A-4AB9-8627-F3230111F373}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{A4DA14CE-58DE-4F9D-8C0E-6C9EA7298BE5}" = protocol=17 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{A65CE731-60F9-4CE6-B7D7-8BF4C651F74F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9FB3EB1-FA0D-4F45-865E-1BCFEE561B25}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{AB384FFE-5526-4583-8D52-0C4E623C146D}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{B154E59E-8726-4E17-A780-E41CA5C802A4}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{B24D9E52-2864-4F29-A423-F568F9DC0E2F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B4A083D8-7369-4F16-A609-C61D52B3CAB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B5E30D30-5114-44CA-8678-6DC81BF3E646}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B67B8A51-F06A-4850-A4CB-5EAC793BF844}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C123ADFE-B6E4-4EF9-A97E-2CF38E15F6DD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{C4F590E0-AE5D-43D3-AF61-4B674F643337}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CBA05323-00BA-4AA6-AF1B-8ADE4323E1DC}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{CEDBA156-FF2E-48A3-B7BA-8F7770310B4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CEFBCFCF-3022-42E0-A73D-76639838C400}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1C33DED-DD39-4C79-B946-C8594755A549}" = protocol=6 | dir=out | app=system |
"{DFB48B6A-50EF-4AD0-BC8A-E4EF6E46356F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E48BE109-C248-4E0C-84AA-7835C1F09EB3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{E5B00193-1E99-46ED-A37F-1070BE6163BF}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{E9AB3BFC-8241-46AD-83FE-643BCD0701B9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{EDBF2B19-B309-4B9F-9D0D-D701E8C0C257}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5208DA2-6EF4-4C76-851C-6C53656D5DD2}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{F7CF5709-3090-462E-A222-CFE8546AB305}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"TCP Query User{267F1D74-5EA9-48EB-B043-82BC471B6B12}C:\program files\dell v305\frun.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"TCP Query User{495B4E6F-7B5E-4B60-8FA8-0126359570E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"TCP Query User{5B964673-8D25-4CE8-B516-409317D20112}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{6C2AA7CE-7958-4A31-B3F6-E56CEF54952E}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{98B8DFB4-A136-4A00-8550-D43792EEF55A}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{9DCD40C7-75E4-4A0B-97D4-382AF1A88F60}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{FDB8F04B-A87A-408B-B4C4-338D8003519D}C:\program files\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"UDP Query User{1A5C6D1E-A6D9-4B6C-912E-C0F26D6D6072}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{2C398C82-7EB7-422A-8590-A7F0B3CA1A0A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{60437BE4-48E1-4897-84A8-A553676CA139}C:\program files\dell v305\frun.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"UDP Query User{725DB65A-B6B9-4AA3-916A-DAA410A221E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"UDP Query User{A8EA4F0F-7E3F-41B6-9834-8433532D150A}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{B5989A5D-438E-47E3-A32E-873E4BABC416}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{E5DF9D08-2C6B-49CE-88A7-F9DA7BDF695E}C:\program files\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{04D5E56E-F323-27F2-C075-EF1AE9A3CF2B}" = Catalyst Control Center Graphics Light
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07288267-318E-9B78-B04E-984F9149EE24}" = Catalyst Control Center Graphics Previews Common
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B23ACC5-88A6-FEE4-0131-8777A1BA0B68}" = Catalyst Control Center Graphics Previews Vista
"{0CD81D7E-94E2-D230-E37E-C9B16E90D01C}" = CCC Help Italian
"{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1252F398-5142-4D81-AD31-8B0204C26E8C}" = ARIS Express
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{16A7FAD8-EE4F-C413-8359-833A3B2D39FB}" = CCC Help Portuguese
"{18364179-C5E5-F826-E2FC-D99D575AF997}" = Catalyst Control Center Localization All
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29258311-EA49-11DE-967C-005056C00008}" = Paragon Festplatten Manager™ 2011 Suite Demo
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}" = Diagnostics32
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47C72DA6-E7AC-984C-5475-15A65F9B41BE}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A918155-6399-4673-0D08-85A0DBEC1389}" = CCC Help Chinese Traditional
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{537791BE-B032-D116-0C59-13541E17BFEA}" = CCC Help English
"{5441F067-5AF8-4284-9A8C-FD98DF05C981}" = Omron Health Management Software
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{60379D61-4F60-4C0D-ADB0-7670BD513AE1}" = Pubs
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66DAE8D7-D5F7-462F-5815-102EE4B191C4}" = CCC Help Korean
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{763B809A-6874-5979-CD69-39491392262C}" = Catalyst Control Center InstallProxy
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E910FDA-CBBE-4451-8728-235E6A4DE162}" = Sony Ericsson Media Manager 1.1
"{7FE440D8-8F16-24CA-81B6-7DEB4D6BF92D}" = CCC Help Hungarian
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.3.0
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{88D3B829-DBA4-D839-33BF-9A5794CC21EB}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9044B9A5-B7D7-3EA2-B20B-49A47853D62F}" = CCC Help Spanish
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A7F37935-A880-8657-79CE-F98BF3A358E1}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B297076F-905F-7E13-57EF-7D254EBB7589}" = CCC Help Japanese
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3F9AC0D-3A6D-42F7-8A44-80335A366233}" = Install
"{C61E46F5-0699-400B-B9BF-899349F10776}" = Wireless Setup Utility 32
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1B8C6AC-C4F8-E8AF-E157-AF3E16B97903}" = CCC Help French
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition
"{DC702FC1-4746-CD99-0578-02839474C2F8}" = Skins
"{DCCB7F99-84DC-6558-1406-AB775DD202BD}" = ccc-utility
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E00B477F-8558-45DA-B25A-69935FB89A94}" = Dell Dock
"{E59145A6-2D21-9E5C-6551-ACA2539CDE50}" = ccc-core-static
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E89371A0-2FCD-F518-EECB-09AB27724CEE}" = CCC Help German
"{EACCC991-8E8C-4397-8854-349506741FC9}" = FileMaker Pro 11
"{EACCC991-8E8C-4397-8854-349506741FC9}_FileMaker" = FileMaker Pro 11
"{ED06F22F-DADB-E713-2E49-EEB154950285}" = Catalyst Control Center Graphics Full Existing
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{ED83A136-0255-11D5-ABDE-00E07D81F9B8}" = Schiene und Strasse
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4953044-0533-4F01-B0FC-1D271AB998D8}" = Inkjet Toolbox
"{F6706DF9-B0B6-8496-F302-BF511197A32F}" = Catalyst Control Center Core Implementation
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"blekkotb_020" = blekko search bar
"Dell Support Center" = Dell Support Center
"Dell V305" = Dell V305
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Flight Simulator 8.0" = Microsoft Flight Simulator 2002
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"King" = King
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mediaport" = Mediaport
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MPE" = MyPhoneExplorer
"MSC" = McAfee SecurityCenter
"Office14.PRJPROR" = Microsoft Project Professional 2010
"TomTom HOME" = TomTom HOME 2.8.2.2264
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wisepilot_is1" = Wisepilot 4.0
"XMedia Recode" = XMedia Recode 2.2.5.8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:32:13 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 26.11.2012 11:34:14 | Computer Name = Büro-PC | Source = Perflib | ID = 1010
Description =
 
Error - 26.11.2012 11:34:17 | Computer Name = Büro-PC | Source = Perflib | ID = 1008
Description =
 
Error - 26.11.2012 11:35:06 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3050
Description =
 
Error - 26.11.2012 11:48:11 | Computer Name = Büro-PC | Source = EventSystem | ID = 4621
Description =
 
[ System Events ]
Error - 10.12.2012 12:45:19 | Computer Name = Büro-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
 
Error - 10.12.2012 12:46:33 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 10.12.2012 12:46:33 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10.12.2012 13:30:40 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 10.12.2012 13:31:24 | Computer Name = Büro-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
 
Error - 10.12.2012 13:32:06 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 10.12.2012 13:32:06 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 11.12.2012 14:46:09 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 11.12.2012 14:47:40 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 11.12.2012 14:47:40 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >

cosinus 11.12.2012 22:24

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:OTL
SRV - (0243381355067586mcinstcleanup) -- C:\Windows\TEMP\024338~1.EXE File not found
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
FF - prefs.js..browser.search.defaultenginename: "Blekko"
FF - prefs.js..browser.search.order.1: "Blekko"
FF - prefs.js..browser.search.selectedEngine: "Blekko"
FF - prefs.js..browser.startup.homepage: "^http://blekko\\.com/ws/\\?source=017d87aa.*"
FF - prefs.js..keyword.URL: "^http://blekko\\.com/ws/\\?source=.*"
FF - user.js - File not found
[2012.11.26 16:30:53 | 000,000,000 | ---D | M] (blekko search bar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}
O2 - BHO: (blekko search bar) - {a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} - C:\Programme\blekkotb_020\blekkotb_019X.dll ()
O3 - HKLM\..\Toolbar: (blekko search bar) - {a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} - C:\Programme\blekkotb_020\blekkotb_019X.dll ()
O20 - AppInit_DLLs: (c:\progra~2\bprote~1\21415~1.37\protec~1.dll) -  File not found
:Files
C:\Programme\blekkotb_020
C:\bProtectorForWindows
c:\progra~2\bprote~1
C:\Users\***\Desktop\bProtectorForWindows
C:\Windows\System32\bProtectorForWindows
C:\a11620652cd54cb7a848
C:\bcf5bcbe93c4b8bbd8307d4f62
C:\6619f01411349f7fa75024cd067871
C:\2b2569472d675899af924504
C:\Users\***\Desktop\MBR.dat
C:\Users\***\AppData\Local\L8457789110
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread

Schnegge82 12.12.2012 18:39
Hier der Inhalt der Textdatei:

Code:
All processes killed
========== OTL ==========
Service 0243381355067586mcinstcleanup stopped successfully!
Service 0243381355067586mcinstcleanup deleted successfully!
File  C:\Windows\TEMP\024338~1.EXE File not found not found.
HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: "Blekko" removed from browser.search.defaultenginename
Prefs.js: "Blekko" removed from browser.search.order.1
Prefs.js: "Blekko" removed from browser.search.selectedEngine
Prefs.js: "^hxxp://blekko\\.com/ws/\\?source=017d87aa.*" removed from browser.startup.homepage
Prefs.js: "^hxxp://blekko\\.com/ws/\\?source=.*" removed from keyword.URL
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\components folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\searchbar folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\options folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\uwa folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\radio\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\radio\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\radio folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\panels\js folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\panels\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\panels\default folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\panels\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\panels folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib\debugbar folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin\lib folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\skin folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\locale\lib folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\locale folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\data\weather folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\data\search folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\data\rss folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\data\dynamicElements folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\data folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\scripts folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.YouTube_v2\skin folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.YouTube_v2\js folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.YouTube_v2\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.YouTube_v2\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.YouTube_v2 folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.TwitterShortcut folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.Twitter\skin\scripts folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.Twitter\skin\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.Twitter\skin\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.Twitter\skin folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.Twitter\js folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.Twitter\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.Twitter\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.Twitter folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.FacebookShortcut folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\scripts folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.BlekkoMap\skin\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.BlekkoMap\skin folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.BlekkoMap\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.BlekkoMap\css folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets\net.vmn.www.BlekkoMap folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\widgets folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\newtab\images folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\newtab folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\modules folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content\lib folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome\content folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\chrome folder moved successfully.
C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\ deleted successfully.
C:\Programme\blekkotb_020\blekkotb_019X.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787}\ not found.
File C:\Programme\blekkotb_020\blekkotb_019X.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\bprote~1\21415~1.37\protec~1.dll deleted successfully.
========== FILES ==========
File\Folder C:\Programme\blekkotb_020 not found.
C:\bProtectorForWindows\2.1.415.37\traking_settings folder moved successfully.
C:\bProtectorForWindows\2.1.415.37 folder moved successfully.
C:\bProtectorForWindows folder moved successfully.
c:\progra~2\bProtectorForWindows\2.1.415.37 folder moved successfully.
c:\progra~2\bProtectorForWindows folder moved successfully.
C:\Users\***\Desktop\bProtectorForWindows\2.1.415.37 folder moved successfully.
C:\Users\***\Desktop\bProtectorForWindows folder moved successfully.
C:\Windows\System32\bProtectorForWindows\2.1.415.37 folder moved successfully.
C:\Windows\System32\bProtectorForWindows folder moved successfully.
Folder move failed. C:\a11620652cd54cb7a848\bProtectorForWindows\2.1.415.37 scheduled to be moved on reboot.
Folder move failed. C:\a11620652cd54cb7a848\bProtectorForWindows scheduled to be moved on reboot.
C:\a11620652cd54cb7a848 folder moved successfully.
Folder move failed. C:\bcf5bcbe93c4b8bbd8307d4f62\bProtectorForWindows\2.1.415.37 scheduled to be moved on reboot.
Folder move failed. C:\bcf5bcbe93c4b8bbd8307d4f62\bProtectorForWindows scheduled to be moved on reboot.
C:\bcf5bcbe93c4b8bbd8307d4f62 folder moved successfully.
Folder move failed. C:\6619f01411349f7fa75024cd067871\bProtectorForWindows\2.1.415.37 scheduled to be moved on reboot.
Folder move failed. C:\6619f01411349f7fa75024cd067871\bProtectorForWindows scheduled to be moved on reboot.
C:\6619f01411349f7fa75024cd067871 folder moved successfully.
Folder move failed. C:\2b2569472d675899af924504\bProtectorForWindows\2.1.415.37 scheduled to be moved on reboot.
Folder move failed. C:\2b2569472d675899af924504\bProtectorForWindows scheduled to be moved on reboot.
C:\2b2569472d675899af924504 folder moved successfully.
C:\Users\***\Desktop\MBR.dat moved successfully.
C:\Users\***\AppData\Local\L8457789110 moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\***\Desktop\cmd.bat deleted successfully.
C:\Users\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 397941 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35206489 bytes
->Flash cache emptied: 739 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 34,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 12122012_173817

Files\Folders moved on Reboot...
File\Folder C:\a11620652cd54cb7a848\bProtectorForWindows\2.1.415.37 not found!
File\Folder C:\a11620652cd54cb7a848\bProtectorForWindows not found!
File\Folder C:\bcf5bcbe93c4b8bbd8307d4f62\bProtectorForWindows\2.1.415.37 not found!
File\Folder C:\bcf5bcbe93c4b8bbd8307d4f62\bProtectorForWindows not found!
File\Folder C:\6619f01411349f7fa75024cd067871\bProtectorForWindows\2.1.415.37 not found!
File\Folder C:\6619f01411349f7fa75024cd067871\bProtectorForWindows not found!
File\Folder C:\2b2569472d675899af924504\bProtectorForWindows\2.1.415.37 not found!
File\Folder C:\2b2569472d675899af924504\bProtectorForWindows not found!
C:\Windows\temp\MpSigStub.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

cosinus 13.12.2012 14:33
Eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in CODE-Tags in den Thread.

Schnegge82 14.12.2012 18:11
So, hier die OTL.txt:

Code:
OTL logfile created on: 14.12.2012 17:42:39 - Run 7
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 66,12% Memory free
6,19 Gb Paging File | 5,20 Gb Available in Paging File | 83,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 572,32 Gb Free Space | 62,45% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,73 Gb Free Space | 44,87% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
PRC - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Programme\Dell V305\dldtmsdmon.exe ()
PRC - C:\Programme\Dell V305\dldtmon.exe ()
PRC - C:\Windows\System32\dldtcoms.exe ( )
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\27eaca82076bc4478f5bfcaeb5cf619d\MenuSkinning.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\0868e07af5399e58078c7e252545a277\VistaBridgeLibrary.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\18f2261a32e4aa98d770c405554bd8d5\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\c31d3b435c5a131be0e2194b1cbf6e06\DellDock.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\03d071f52aaf45436629f91584eb96c1\MyDock.Util.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\51bdab63dd9dbcddbfef9c82bffdbd59\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f183e57f94e56ac92ee99eed8e63943d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bc78764e2649bd53edc5c9884efba391\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3331.38812__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3331.38896__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3331.38859__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3331.38795__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3331.38897__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3331.38860__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3331.38874__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3331.38802__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3331.38853__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3331.38858__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3331.38895__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3331.38809__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3331.38838__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3331.38803__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3331.38841__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3331.38869__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3331.38804__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3331.38815__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3331.38835__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3331.38818__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3331.38852__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3309.28647__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3331.38890__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3331.38888__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3331.38906__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3331.38791__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3331.38799__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3331.38808__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3331.38793__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3331.38793__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3331.38792__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3331.38794__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3331.38791__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3331.38889__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Programme\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\libxml2.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\PSTVdsDisk.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\DataSafeOnline.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\SdbUI.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Programme\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\Programme\Dell DataSafe Online\CppUtils.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Dell V305\dldtmsdmon.exe ()
MOD - C:\Programme\Dell V305\dldtmon.exe ()
MOD - C:\Programme\Dell V305\app4r.monitor.core.dll ()
MOD - C:\Programme\Dell V305\app4r.monitor.common.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Programme\Dell V305\dldtdrs.dll ()
MOD - C:\Programme\Dell V305\dldtscw.dll ()
MOD - C:\Programme\Dell V305\dldtcaps.dll ()
MOD - C:\Programme\Dell V305\dldtmonr.dll ()
MOD - C:\Programme\Dell V305\dldtcfg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Programme\Dell V305\dldtcnv4.dll ()
MOD - C:\Programme\Dell V305\dldtdatr.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (dldtCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe ()
SRV - (dldt_device) -- C:\Windows\System32\dldtcoms.exe ( )
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (mfeavfk01) --  File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\***\AppData\Local\Temp\catchme.sys File not found
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (hotcore3) -- C:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012.12.14 17:42:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.19 09:13:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.30 22:19:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.12.08 16:58:34 | 000,000,000 | ---D | M]
 
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.12.12 17:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions
[2011.03.05 20:08:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.27 23:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.19 09:13:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012.03.04 19:35:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.04 19:35:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.04 19:35:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.04 19:35:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.04 19:35:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.04 19:35:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.12.12 17:39:06 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20120829171946.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dldtamon] C:\Program Files\Dell V305\dldtamon.exe ()
O4 - HKLM..\Run: [dldtmon.exe] C:\Program Files\Dell V305\dldtmon.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] c:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat ()
O4 - HKLM..\RunOnce: [Launcher] C:\Programme\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39CC662D-6A20-4FED-825D-D0B2AB1A6221}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.14 17:44:58 | 000,000,000 | ---D | C] -- C:\95a98663f02a062e7736034fbe2d
[2012.12.14 17:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.12.10 17:43:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.12.09 17:09:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.09 17:09:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\temp
[2012.12.09 16:47:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.09 16:47:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.09 16:47:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.09 16:47:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.09 16:47:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.09 16:40:20 | 005,010,414 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2012.12.08 16:56:42 | 000,146,872 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2012.12.02 19:55:53 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2010.01.12 20:03:09 | 008,653,312 | ---- | C] (Dell, Inc.                                                  ) -- C:\Users\***\AppData\Roaming\DataSafeDotNet.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.14 17:52:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.12.14 17:39:27 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.14 17:39:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.14 17:39:24 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.14 17:39:21 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.12.14 17:39:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.14 17:39:12 | 3217,264,640 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.12 18:40:38 | 000,001,034 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.12.12 18:22:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.12 17:39:06 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.12.11 20:51:24 | 000,002,631 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk
[2012.12.10 15:31:18 | 000,545,819 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.09 16:40:57 | 005,010,414 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2012.12.02 23:51:35 | 000,058,778 | ---- | M] () -- C:\Users\***\Desktop\GMER_LOG.zip
[2012.12.02 20:01:18 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\509y08cl.exe
[2012.12.02 19:56:35 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.11.29 16:16:30 | 000,002,633 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Excel 2007.lnk
[2012.11.29 15:49:00 | 000,002,735 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Outlook 2007.lnk
[2012.11.18 23:31:29 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.18 23:31:29 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.18 23:31:29 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.18 23:31:29 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.12.10 15:32:37 | 000,545,819 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.09 16:47:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.09 16:47:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.09 16:47:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.09 16:47:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.09 16:47:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.02 23:51:34 | 000,058,778 | ---- | C] () -- C:\Users\***\Desktop\GMER_LOG.zip
[2012.12.02 20:01:06 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\509y08cl.exe
[2012.10.07 15:26:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.05.15 20:31:31 | 000,211,046 | ---- | C] () -- C:\Users\***\Antrag ****  Antrag.pdf
[2011.08.11 21:43:16 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.06.29 19:24:10 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2011.06.29 19:24:10 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2011.01.21 23:53:36 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2009.09.18 21:30:19 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2009.09.18 21:26:12 | 000,175,616 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.09.11 08:00:41 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 03:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

und die Extras.txt:

Code:
OTL Extras logfile created on: 14.12.2012 17:42:39 - Run 7
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,98 Gb Available Physical Memory | 66,12% Memory free
6,19 Gb Paging File | 5,20 Gb Available in Paging File | 83,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 572,32 Gb Free Space | 62,45% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,73 Gb Free Space | 44,87% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079FD4DE-DC19-4404-9F61-05790E718CE8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12546D2A-A88E-4282-95C6-6E6D5E7AF693}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{22F260BB-3576-44E6-8E5F-08C0FA9369DD}" = lport=80 | protocol=17 | dir=in | name=receiver |
"{31D53028-76E0-4913-AF0C-74C80B70F051}" = rport=10243 | protocol=6 | dir=out | app=system |
"{32A1FDB5-300F-498E-AE31-6430C3DDFCF1}" = rport=137 | protocol=17 | dir=out | app=system |
"{3319912E-4022-4B60-A3B5-AA937CA7B199}" = lport=2869 | protocol=6 | dir=in | app=system |
"{43DC0B1F-6C75-4287-9DBD-6934F6DA5C04}" = rport=139 | protocol=6 | dir=out | app=system |
"{53D8F01C-2515-47B9-8E37-F10CC9A37FB2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{72714D68-0EA6-47B8-B520-321481388ABD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8237E849-E26E-4C7A-9A02-A5A30E8FF83C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{932470C7-BFF7-421A-A6B2-10149961195B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A559B4D0-1C98-4889-8463-C9106DD20758}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAF75F21-2A3B-4B12-9B28-3BF095AD5129}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B227456B-158C-4A15-866F-6C72077738E5}" = lport=139 | protocol=6 | dir=in | app=system |
"{CCA4353B-ADEB-4118-BDBD-DEDC3C850035}" = rport=138 | protocol=17 | dir=out | app=system |
"{CF4CE158-77A8-4197-96EB-6DD8352C0B00}" = lport=138 | protocol=17 | dir=in | app=system |
"{D0D81549-3396-44A4-B808-F62B2CE78590}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5429371-803F-4155-B017-9791F30462BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8C365A0-80C1-4272-B17E-9C448371AD8B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E23BB5B2-21E3-4DB1-BD34-F2A44AE2C5FF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECE25BE3-C9C6-4BCB-93E8-D8FD7E5C3F0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{F27D466E-47E3-4B25-8113-E069F19F3622}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F27D5CD6-B255-481D-9E2F-BFA2A2445375}" = lport=137 | protocol=17 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020D2969-F13F-4996-A4DD-EDA88A3BDB5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{071B7923-9A3B-454F-9F2F-0F67F3904A5A}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{0A45F96E-EE12-4CEB-8C41-7A10D309C1B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F2BE6AE-7A7C-438D-BB59-9214609DA5E0}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{18F8572A-D7DC-4260-AB52-1B90455C2389}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{199B6D89-DFBB-4272-BFF7-421100CF4D52}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{1C107C1A-B68C-4BF5-AFB7-5CE1BD6C94A8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1F078DE4-6D74-45A9-B58B-98123F484144}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{25AF695F-C23D-47E6-854C-266F166FC045}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{261DA95C-AA33-480A-AAB6-8D4E9F6E84B1}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{2C9F5560-6B61-4552-9317-A1C4594151CA}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{31DC5165-1B8D-4917-B1A8-6BA58818DAC9}" = protocol=6 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{325F2C96-8333-4BD1-932A-12F66352AE14}" = protocol=6 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{3876A086-D31C-4626-AE2D-3F1100E85A50}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{3B593FBA-3111-468C-AD40-725210F879D7}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{44887DFE-049F-446E-927C-2DD0F76647C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{472A765A-E5C2-4256-821D-9CBF84E65988}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{49F5A5BC-DC11-4822-8C4A-7D037610E929}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4BAF0678-2642-44BD-B0AF-A481F350989E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4CAE3D57-AB34-4595-B65A-D83DF29303EC}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{542B4BD4-845D-469B-BE4E-89789888AE83}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5717672A-6621-49FC-9256-E40ABD392992}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59A9D8F1-769A-4CC0-9CA8-A24036F0F83E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5DEBB0BD-0933-4753-8E60-24C62EF7F0C6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{60AE3C3A-3616-4CA2-AFC4-E825863C0127}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62AD5464-3036-4186-9ADC-EB33D2096D43}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6310EC91-D7DC-430F-8010-9EF6D9C0F054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{648B325F-4804-418D-85BC-D6A02A0BD643}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65272EA4-6860-4EEC-AC20-A8BD3504C32B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6941B5EB-325E-4B98-89DA-C41C7A145378}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{6D64474B-D825-472C-86F0-F1BDA28E7994}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{7846EFB1-7A27-466C-B03A-ABB0BD8EB725}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{7AA39480-0C95-4E0E-8ED1-613A17C34841}" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"{8429C5B8-15AE-4C4F-B0F0-BD52770DBA9C}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{867CC7B7-214D-4256-A92F-FEE5B7F3883B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{86B54175-27F4-4661-A6DD-E41BDC795D3E}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{8CD53841-2AF3-4E97-8AAF-721B583CE8E0}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{910A02EB-8EA1-40CA-8874-F9DB786A7CDA}" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"{953596F5-9625-4027-BD9E-91507EDD754C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9F76788E-5A8E-482A-A4C2-132FE1DE549A}" = protocol=17 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{A2AFE5C1-019A-4AB9-8627-F3230111F373}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{A4DA14CE-58DE-4F9D-8C0E-6C9EA7298BE5}" = protocol=17 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{A65CE731-60F9-4CE6-B7D7-8BF4C651F74F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9FB3EB1-FA0D-4F45-865E-1BCFEE561B25}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{AB384FFE-5526-4583-8D52-0C4E623C146D}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{B154E59E-8726-4E17-A780-E41CA5C802A4}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{B24D9E52-2864-4F29-A423-F568F9DC0E2F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B4A083D8-7369-4F16-A609-C61D52B3CAB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B5E30D30-5114-44CA-8678-6DC81BF3E646}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B67B8A51-F06A-4850-A4CB-5EAC793BF844}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C123ADFE-B6E4-4EF9-A97E-2CF38E15F6DD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{C4F590E0-AE5D-43D3-AF61-4B674F643337}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CBA05323-00BA-4AA6-AF1B-8ADE4323E1DC}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{CEDBA156-FF2E-48A3-B7BA-8F7770310B4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CEFBCFCF-3022-42E0-A73D-76639838C400}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1C33DED-DD39-4C79-B946-C8594755A549}" = protocol=6 | dir=out | app=system |
"{DFB48B6A-50EF-4AD0-BC8A-E4EF6E46356F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E48BE109-C248-4E0C-84AA-7835C1F09EB3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{E5B00193-1E99-46ED-A37F-1070BE6163BF}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{E9AB3BFC-8241-46AD-83FE-643BCD0701B9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{EDBF2B19-B309-4B9F-9D0D-D701E8C0C257}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5208DA2-6EF4-4C76-851C-6C53656D5DD2}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{F7CF5709-3090-462E-A222-CFE8546AB305}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"TCP Query User{267F1D74-5EA9-48EB-B043-82BC471B6B12}C:\program files\dell v305\frun.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"TCP Query User{495B4E6F-7B5E-4B60-8FA8-0126359570E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"TCP Query User{5B964673-8D25-4CE8-B516-409317D20112}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{6C2AA7CE-7958-4A31-B3F6-E56CEF54952E}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{98B8DFB4-A136-4A00-8550-D43792EEF55A}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{9DCD40C7-75E4-4A0B-97D4-382AF1A88F60}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{FDB8F04B-A87A-408B-B4C4-338D8003519D}C:\program files\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"UDP Query User{1A5C6D1E-A6D9-4B6C-912E-C0F26D6D6072}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{2C398C82-7EB7-422A-8590-A7F0B3CA1A0A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{60437BE4-48E1-4897-84A8-A553676CA139}C:\program files\dell v305\frun.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"UDP Query User{725DB65A-B6B9-4AA3-916A-DAA410A221E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"UDP Query User{A8EA4F0F-7E3F-41B6-9834-8433532D150A}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{B5989A5D-438E-47E3-A32E-873E4BABC416}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{E5DF9D08-2C6B-49CE-88A7-F9DA7BDF695E}C:\program files\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{04D5E56E-F323-27F2-C075-EF1AE9A3CF2B}" = Catalyst Control Center Graphics Light
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07288267-318E-9B78-B04E-984F9149EE24}" = Catalyst Control Center Graphics Previews Common
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B23ACC5-88A6-FEE4-0131-8777A1BA0B68}" = Catalyst Control Center Graphics Previews Vista
"{0CD81D7E-94E2-D230-E37E-C9B16E90D01C}" = CCC Help Italian
"{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1252F398-5142-4D81-AD31-8B0204C26E8C}" = ARIS Express
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{16A7FAD8-EE4F-C413-8359-833A3B2D39FB}" = CCC Help Portuguese
"{18364179-C5E5-F826-E2FC-D99D575AF997}" = Catalyst Control Center Localization All
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29258311-EA49-11DE-967C-005056C00008}" = Paragon Festplatten Manager™ 2011 Suite Demo
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}" = Diagnostics32
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47C72DA6-E7AC-984C-5475-15A65F9B41BE}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A918155-6399-4673-0D08-85A0DBEC1389}" = CCC Help Chinese Traditional
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{537791BE-B032-D116-0C59-13541E17BFEA}" = CCC Help English
"{5441F067-5AF8-4284-9A8C-FD98DF05C981}" = Omron Health Management Software
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{60379D61-4F60-4C0D-ADB0-7670BD513AE1}" = Pubs
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66DAE8D7-D5F7-462F-5815-102EE4B191C4}" = CCC Help Korean
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{763B809A-6874-5979-CD69-39491392262C}" = Catalyst Control Center InstallProxy
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E910FDA-CBBE-4451-8728-235E6A4DE162}" = Sony Ericsson Media Manager 1.1
"{7FE440D8-8F16-24CA-81B6-7DEB4D6BF92D}" = CCC Help Hungarian
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.3.0
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{88D3B829-DBA4-D839-33BF-9A5794CC21EB}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9044B9A5-B7D7-3EA2-B20B-49A47853D62F}" = CCC Help Spanish
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A7F37935-A880-8657-79CE-F98BF3A358E1}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B297076F-905F-7E13-57EF-7D254EBB7589}" = CCC Help Japanese
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3F9AC0D-3A6D-42F7-8A44-80335A366233}" = Install
"{C61E46F5-0699-400B-B9BF-899349F10776}" = Wireless Setup Utility 32
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1B8C6AC-C4F8-E8AF-E157-AF3E16B97903}" = CCC Help French
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition
"{DC702FC1-4746-CD99-0578-02839474C2F8}" = Skins
"{DCCB7F99-84DC-6558-1406-AB775DD202BD}" = ccc-utility
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E00B477F-8558-45DA-B25A-69935FB89A94}" = Dell Dock
"{E59145A6-2D21-9E5C-6551-ACA2539CDE50}" = ccc-core-static
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E89371A0-2FCD-F518-EECB-09AB27724CEE}" = CCC Help German
"{EACCC991-8E8C-4397-8854-349506741FC9}" = FileMaker Pro 11
"{EACCC991-8E8C-4397-8854-349506741FC9}_FileMaker" = FileMaker Pro 11
"{ED06F22F-DADB-E713-2E49-EEB154950285}" = Catalyst Control Center Graphics Full Existing
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{ED83A136-0255-11D5-ABDE-00E07D81F9B8}" = Schiene und Strasse
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4953044-0533-4F01-B0FC-1D271AB998D8}" = Inkjet Toolbox
"{F6706DF9-B0B6-8496-F302-BF511197A32F}" = Catalyst Control Center Core Implementation
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"blekkotb_020" = blekko search bar
"Dell Support Center" = Dell Support Center
"Dell V305" = Dell V305
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Flight Simulator 8.0" = Microsoft Flight Simulator 2002
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"King" = King
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mediaport" = Mediaport
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MPE" = MyPhoneExplorer
"MSC" = McAfee SecurityCenter
"Office14.PRJPROR" = Microsoft Project Professional 2010
"TomTom HOME" = TomTom HOME 2.8.2.2264
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wisepilot_is1" = Wisepilot 4.0
"XMedia Recode" = XMedia Recode 2.2.5.8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 02.12.2012 14:50:43 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 02.12.2012 14:50:43 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 02.12.2012 14:50:43 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 02.12.2012 14:50:43 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 02.12.2012 14:50:43 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 02.12.2012 14:50:43 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 02.12.2012 14:50:44 | Computer Name = Büro-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 02.12.2012 14:52:03 | Computer Name = Büro-PC | Source = Perflib | ID = 1010
Description =
 
Error - 02.12.2012 14:52:05 | Computer Name = Büro-PC | Source = Perflib | ID = 1008
Description =
 
Error - 02.12.2012 16:26:01 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung aswMBR.exe, Version 0.9.9.1707, Zeitstempel
0x509be8bf, fehlerhaftes Modul ntdll.dll, Version 6.0.6001.22777, Zeitstempel 0x4cb72ffe,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00065833,  Prozess-ID 0x15bc, Anwendungsstartzeit
 01cdd0ca0b772020.
 
[ System Events ]
Error - 14.12.2012 12:39:21 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 14.12.2012 12:40:57 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 14.12.2012 12:40:57 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 14.12.2012 12:51:48 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 14.12.2012 12:51:48 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 14.12.2012 12:51:49 | Computer Name = Büro-PC | Source = DCOM | ID = 10005
Description =
 
Error - 14.12.2012 12:51:49 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 14.12.2012 12:51:49 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 14.12.2012 12:53:59 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 14.12.2012 12:53:59 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >

cosinus 16.12.2012 14:35
Ein kleiner Rest ist da noch

Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
:OTL
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
:Files
C:\95a98663f02a062e7736034fbe2d
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread

Schnegge82 18.12.2012 00:26
Ok, hier die Textdatei:

Code:
All processes killed
========== OTL ==========
HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
========== FILES ==========
File\Folder C:\95a98663f02a062e7736034fbe2d not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\***\Desktop\cmd.bat deleted successfully.
C:\Users\***\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: ***
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 266334 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35568726 bytes
->Flash cache emptied: 739 bytes
 
User: Public
->Temp folder emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 5122 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 34,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 12182012_001702

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Eine Kontrolle mit OTL?

cosinus 18.12.2012 03:15
Zitat:
Eine Kontrolle mit OTL?
Richtig :) wäre ganz gut :D

Schnegge82 18.12.2012 12:36
Ok, hier die OTL.txt:

Code:
OTL logfile created on: 18.12.2012 12:10:30 - Run 8
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,58% Memory free
6,21 Gb Paging File | 5,02 Gb Available in Paging File | 80,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 572,14 Gb Free Space | 62,43% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,73 Gb Free Space | 44,89% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
PRC - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Programme\Dell V305\dldtmsdmon.exe ()
PRC - C:\Programme\Dell V305\dldtmon.exe ()
PRC - C:\Windows\System32\dldtcoms.exe ( )
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\27eaca82076bc4478f5bfcaeb5cf619d\MenuSkinning.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\0868e07af5399e58078c7e252545a277\VistaBridgeLibrary.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\18f2261a32e4aa98d770c405554bd8d5\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\c31d3b435c5a131be0e2194b1cbf6e06\DellDock.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\03d071f52aaf45436629f91584eb96c1\MyDock.Util.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\51bdab63dd9dbcddbfef9c82bffdbd59\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f183e57f94e56ac92ee99eed8e63943d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bc78764e2649bd53edc5c9884efba391\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3331.38812__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3331.38896__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3331.38859__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3331.38795__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3331.38897__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3331.38860__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3331.38874__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3331.38802__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3331.38853__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3331.38858__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3331.38895__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3331.38809__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3331.38838__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3331.38803__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3331.38841__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3331.38869__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3331.38804__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3331.38815__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3331.38835__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3331.38818__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3331.38852__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3309.28647__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3331.38890__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3331.38888__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3331.38906__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3331.38791__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3331.38799__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3331.38808__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3331.38793__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3331.38793__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3331.38792__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3331.38794__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3331.38791__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3331.38889__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Programme\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\libxml2.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\PSTVdsDisk.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\DataSafeOnline.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\SdbUI.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Programme\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\Programme\Dell DataSafe Online\CppUtils.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Dell V305\dldtmsdmon.exe ()
MOD - C:\Programme\Dell V305\dldtmon.exe ()
MOD - C:\Programme\Dell V305\app4r.monitor.core.dll ()
MOD - C:\Programme\Dell V305\app4r.monitor.common.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Programme\Dell V305\dldtdrs.dll ()
MOD - C:\Programme\Dell V305\dldtscw.dll ()
MOD - C:\Programme\Dell V305\dldtcaps.dll ()
MOD - C:\Programme\Dell V305\dldtmonr.dll ()
MOD - C:\Programme\Dell V305\dldtcfg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Programme\Dell V305\dldtcnv4.dll ()
MOD - C:\Programme\Dell V305\dldtdatr.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (dldtCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe ()
SRV - (dldt_device) -- C:\Windows\System32\dldtcoms.exe ( )
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (mfeavfk01) --  File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\***\AppData\Local\Temp\catchme.sys File not found
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (hotcore3) -- C:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012.12.18 12:02:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.19 09:13:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.30 22:19:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.12.08 16:58:34 | 000,000,000 | ---D | M]
 
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.12.12 17:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions
[2011.03.05 20:08:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.27 23:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.19 09:13:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012.03.04 19:35:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.04 19:35:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.04 19:35:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.04 19:35:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.04 19:35:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.04 19:35:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.12.18 00:17:05 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20120829171946.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dldtamon] C:\Program Files\Dell V305\dldtamon.exe ()
O4 - HKLM..\Run: [dldtmon.exe] C:\Program Files\Dell V305\dldtmon.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] c:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat ()
O4 - HKLM..\RunOnce: [Launcher] C:\Programme\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39CC662D-6A20-4FED-825D-D0B2AB1A6221}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.18 12:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.12.10 17:43:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.12.09 17:09:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.09 17:09:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\temp
[2012.12.09 16:47:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.09 16:47:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.09 16:47:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.09 16:47:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.09 16:47:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.09 16:40:20 | 005,010,414 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2012.12.08 16:56:42 | 000,146,872 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\HipShieldK.sys
[2012.12.02 19:55:53 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2010.01.12 20:03:09 | 008,653,312 | ---- | C] (Dell, Inc.                                                  ) -- C:\Users\***\AppData\Roaming\DataSafeDotNet.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.18 12:07:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.12.18 11:58:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.18 11:58:36 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.18 11:58:36 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.18 11:58:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.18 11:58:27 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.18 00:27:48 | 000,001,034 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.12.18 00:22:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.18 00:17:05 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.12.14 17:39:21 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.12.11 20:51:24 | 000,002,631 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk
[2012.12.10 15:31:18 | 000,545,819 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.09 16:40:57 | 005,010,414 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2012.12.02 23:51:35 | 000,058,778 | ---- | M] () -- C:\Users\***\Desktop\GMER_LOG.zip
[2012.12.02 20:01:18 | 000,302,592 | ---- | M] () -- C:\Users\***\Desktop\509y08cl.exe
[2012.12.02 19:56:35 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe
[2012.11.29 16:16:30 | 000,002,633 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Excel 2007.lnk
[2012.11.29 15:49:00 | 000,002,735 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Outlook 2007.lnk
[2012.11.18 23:31:29 | 000,628,504 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.18 23:31:29 | 000,595,798 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.18 23:31:29 | 000,126,248 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.18 23:31:29 | 000,103,872 | ---- | M] () -- C:\Windows\System32\perfc009.dat
 
========== Files Created - No Company Name ==========
 
[2012.12.10 15:32:37 | 000,545,819 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.09 16:47:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.09 16:47:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.09 16:47:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.09 16:47:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.09 16:47:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.02 23:51:34 | 000,058,778 | ---- | C] () -- C:\Users\***\Desktop\GMER_LOG.zip
[2012.12.02 20:01:06 | 000,302,592 | ---- | C] () -- C:\Users\***\Desktop\509y08cl.exe
[2012.10.07 15:26:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.05.15 20:31:31 | 000,211,046 | ---- | C] () -- C:\Users\***\Antrag ****  Antrag.pdf
[2011.08.11 21:43:16 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.06.29 19:24:10 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2011.06.29 19:24:10 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2011.01.21 23:53:36 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2009.09.18 21:30:19 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2009.09.18 21:26:12 | 000,175,616 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.09.11 08:00:41 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 03:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >



und die Extras.txt:

Code:
OTL Extras logfile created on: 18.12.2012 12:10:30 - Run 8
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 69,58% Memory free
6,21 Gb Paging File | 5,02 Gb Available in Paging File | 80,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 572,14 Gb Free Space | 62,43% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,73 Gb Free Space | 44,89% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079FD4DE-DC19-4404-9F61-05790E718CE8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12546D2A-A88E-4282-95C6-6E6D5E7AF693}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{22F260BB-3576-44E6-8E5F-08C0FA9369DD}" = lport=80 | protocol=17 | dir=in | name=receiver |
"{31D53028-76E0-4913-AF0C-74C80B70F051}" = rport=10243 | protocol=6 | dir=out | app=system |
"{32A1FDB5-300F-498E-AE31-6430C3DDFCF1}" = rport=137 | protocol=17 | dir=out | app=system |
"{3319912E-4022-4B60-A3B5-AA937CA7B199}" = lport=2869 | protocol=6 | dir=in | app=system |
"{43DC0B1F-6C75-4287-9DBD-6934F6DA5C04}" = rport=139 | protocol=6 | dir=out | app=system |
"{53D8F01C-2515-47B9-8E37-F10CC9A37FB2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{72714D68-0EA6-47B8-B520-321481388ABD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8237E849-E26E-4C7A-9A02-A5A30E8FF83C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{932470C7-BFF7-421A-A6B2-10149961195B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A559B4D0-1C98-4889-8463-C9106DD20758}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAF75F21-2A3B-4B12-9B28-3BF095AD5129}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B227456B-158C-4A15-866F-6C72077738E5}" = lport=139 | protocol=6 | dir=in | app=system |
"{CCA4353B-ADEB-4118-BDBD-DEDC3C850035}" = rport=138 | protocol=17 | dir=out | app=system |
"{CF4CE158-77A8-4197-96EB-6DD8352C0B00}" = lport=138 | protocol=17 | dir=in | app=system |
"{D0D81549-3396-44A4-B808-F62B2CE78590}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5429371-803F-4155-B017-9791F30462BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8C365A0-80C1-4272-B17E-9C448371AD8B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E23BB5B2-21E3-4DB1-BD34-F2A44AE2C5FF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECE25BE3-C9C6-4BCB-93E8-D8FD7E5C3F0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{F27D466E-47E3-4B25-8113-E069F19F3622}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F27D5CD6-B255-481D-9E2F-BFA2A2445375}" = lport=137 | protocol=17 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020D2969-F13F-4996-A4DD-EDA88A3BDB5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{071B7923-9A3B-454F-9F2F-0F67F3904A5A}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{0A45F96E-EE12-4CEB-8C41-7A10D309C1B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F2BE6AE-7A7C-438D-BB59-9214609DA5E0}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{18F8572A-D7DC-4260-AB52-1B90455C2389}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{199B6D89-DFBB-4272-BFF7-421100CF4D52}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{1C107C1A-B68C-4BF5-AFB7-5CE1BD6C94A8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1F078DE4-6D74-45A9-B58B-98123F484144}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{25AF695F-C23D-47E6-854C-266F166FC045}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{261DA95C-AA33-480A-AAB6-8D4E9F6E84B1}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{2C9F5560-6B61-4552-9317-A1C4594151CA}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{31DC5165-1B8D-4917-B1A8-6BA58818DAC9}" = protocol=6 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{325F2C96-8333-4BD1-932A-12F66352AE14}" = protocol=6 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{3876A086-D31C-4626-AE2D-3F1100E85A50}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{3B593FBA-3111-468C-AD40-725210F879D7}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{44887DFE-049F-446E-927C-2DD0F76647C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{472A765A-E5C2-4256-821D-9CBF84E65988}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{49F5A5BC-DC11-4822-8C4A-7D037610E929}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4BAF0678-2642-44BD-B0AF-A481F350989E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4CAE3D57-AB34-4595-B65A-D83DF29303EC}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{542B4BD4-845D-469B-BE4E-89789888AE83}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5717672A-6621-49FC-9256-E40ABD392992}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59A9D8F1-769A-4CC0-9CA8-A24036F0F83E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5DEBB0BD-0933-4753-8E60-24C62EF7F0C6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{60AE3C3A-3616-4CA2-AFC4-E825863C0127}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62AD5464-3036-4186-9ADC-EB33D2096D43}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6310EC91-D7DC-430F-8010-9EF6D9C0F054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{648B325F-4804-418D-85BC-D6A02A0BD643}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65272EA4-6860-4EEC-AC20-A8BD3504C32B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6941B5EB-325E-4B98-89DA-C41C7A145378}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{6D64474B-D825-472C-86F0-F1BDA28E7994}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{7846EFB1-7A27-466C-B03A-ABB0BD8EB725}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{7AA39480-0C95-4E0E-8ED1-613A17C34841}" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"{8429C5B8-15AE-4C4F-B0F0-BD52770DBA9C}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{867CC7B7-214D-4256-A92F-FEE5B7F3883B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{86B54175-27F4-4661-A6DD-E41BDC795D3E}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{8CD53841-2AF3-4E97-8AAF-721B583CE8E0}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{910A02EB-8EA1-40CA-8874-F9DB786A7CDA}" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"{953596F5-9625-4027-BD9E-91507EDD754C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9F76788E-5A8E-482A-A4C2-132FE1DE549A}" = protocol=17 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{A2AFE5C1-019A-4AB9-8627-F3230111F373}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{A4DA14CE-58DE-4F9D-8C0E-6C9EA7298BE5}" = protocol=17 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{A65CE731-60F9-4CE6-B7D7-8BF4C651F74F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9FB3EB1-FA0D-4F45-865E-1BCFEE561B25}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{AB384FFE-5526-4583-8D52-0C4E623C146D}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{B154E59E-8726-4E17-A780-E41CA5C802A4}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{B24D9E52-2864-4F29-A423-F568F9DC0E2F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B4A083D8-7369-4F16-A609-C61D52B3CAB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B5E30D30-5114-44CA-8678-6DC81BF3E646}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B67B8A51-F06A-4850-A4CB-5EAC793BF844}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C123ADFE-B6E4-4EF9-A97E-2CF38E15F6DD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{C4F590E0-AE5D-43D3-AF61-4B674F643337}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CBA05323-00BA-4AA6-AF1B-8ADE4323E1DC}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{CEDBA156-FF2E-48A3-B7BA-8F7770310B4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CEFBCFCF-3022-42E0-A73D-76639838C400}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1C33DED-DD39-4C79-B946-C8594755A549}" = protocol=6 | dir=out | app=system |
"{DFB48B6A-50EF-4AD0-BC8A-E4EF6E46356F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E48BE109-C248-4E0C-84AA-7835C1F09EB3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{E5B00193-1E99-46ED-A37F-1070BE6163BF}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{E9AB3BFC-8241-46AD-83FE-643BCD0701B9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{EDBF2B19-B309-4B9F-9D0D-D701E8C0C257}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5208DA2-6EF4-4C76-851C-6C53656D5DD2}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{F7CF5709-3090-462E-A222-CFE8546AB305}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"TCP Query User{267F1D74-5EA9-48EB-B043-82BC471B6B12}C:\program files\dell v305\frun.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"TCP Query User{495B4E6F-7B5E-4B60-8FA8-0126359570E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"TCP Query User{5B964673-8D25-4CE8-B516-409317D20112}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{6C2AA7CE-7958-4A31-B3F6-E56CEF54952E}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{98B8DFB4-A136-4A00-8550-D43792EEF55A}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{9DCD40C7-75E4-4A0B-97D4-382AF1A88F60}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{FDB8F04B-A87A-408B-B4C4-338D8003519D}C:\program files\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"UDP Query User{1A5C6D1E-A6D9-4B6C-912E-C0F26D6D6072}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{2C398C82-7EB7-422A-8590-A7F0B3CA1A0A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{60437BE4-48E1-4897-84A8-A553676CA139}C:\program files\dell v305\frun.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"UDP Query User{725DB65A-B6B9-4AA3-916A-DAA410A221E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"UDP Query User{A8EA4F0F-7E3F-41B6-9834-8433532D150A}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{B5989A5D-438E-47E3-A32E-873E4BABC416}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{E5DF9D08-2C6B-49CE-88A7-F9DA7BDF695E}C:\program files\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{04D5E56E-F323-27F2-C075-EF1AE9A3CF2B}" = Catalyst Control Center Graphics Light
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07288267-318E-9B78-B04E-984F9149EE24}" = Catalyst Control Center Graphics Previews Common
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B23ACC5-88A6-FEE4-0131-8777A1BA0B68}" = Catalyst Control Center Graphics Previews Vista
"{0CD81D7E-94E2-D230-E37E-C9B16E90D01C}" = CCC Help Italian
"{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1252F398-5142-4D81-AD31-8B0204C26E8C}" = ARIS Express
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{16A7FAD8-EE4F-C413-8359-833A3B2D39FB}" = CCC Help Portuguese
"{18364179-C5E5-F826-E2FC-D99D575AF997}" = Catalyst Control Center Localization All
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29258311-EA49-11DE-967C-005056C00008}" = Paragon Festplatten Manager™ 2011 Suite Demo
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}" = Diagnostics32
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47C72DA6-E7AC-984C-5475-15A65F9B41BE}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A918155-6399-4673-0D08-85A0DBEC1389}" = CCC Help Chinese Traditional
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{537791BE-B032-D116-0C59-13541E17BFEA}" = CCC Help English
"{5441F067-5AF8-4284-9A8C-FD98DF05C981}" = Omron Health Management Software
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{60379D61-4F60-4C0D-ADB0-7670BD513AE1}" = Pubs
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66DAE8D7-D5F7-462F-5815-102EE4B191C4}" = CCC Help Korean
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{763B809A-6874-5979-CD69-39491392262C}" = Catalyst Control Center InstallProxy
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E910FDA-CBBE-4451-8728-235E6A4DE162}" = Sony Ericsson Media Manager 1.1
"{7FE440D8-8F16-24CA-81B6-7DEB4D6BF92D}" = CCC Help Hungarian
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.3.0
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{88D3B829-DBA4-D839-33BF-9A5794CC21EB}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9044B9A5-B7D7-3EA2-B20B-49A47853D62F}" = CCC Help Spanish
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A7F37935-A880-8657-79CE-F98BF3A358E1}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B297076F-905F-7E13-57EF-7D254EBB7589}" = CCC Help Japanese
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3F9AC0D-3A6D-42F7-8A44-80335A366233}" = Install
"{C61E46F5-0699-400B-B9BF-899349F10776}" = Wireless Setup Utility 32
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1B8C6AC-C4F8-E8AF-E157-AF3E16B97903}" = CCC Help French
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition
"{DC702FC1-4746-CD99-0578-02839474C2F8}" = Skins
"{DCCB7F99-84DC-6558-1406-AB775DD202BD}" = ccc-utility
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E00B477F-8558-45DA-B25A-69935FB89A94}" = Dell Dock
"{E59145A6-2D21-9E5C-6551-ACA2539CDE50}" = ccc-core-static
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E89371A0-2FCD-F518-EECB-09AB27724CEE}" = CCC Help German
"{EACCC991-8E8C-4397-8854-349506741FC9}" = FileMaker Pro 11
"{EACCC991-8E8C-4397-8854-349506741FC9}_FileMaker" = FileMaker Pro 11
"{ED06F22F-DADB-E713-2E49-EEB154950285}" = Catalyst Control Center Graphics Full Existing
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{ED83A136-0255-11D5-ABDE-00E07D81F9B8}" = Schiene und Strasse
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4953044-0533-4F01-B0FC-1D271AB998D8}" = Inkjet Toolbox
"{F6706DF9-B0B6-8496-F302-BF511197A32F}" = Catalyst Control Center Core Implementation
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"blekkotb_020" = blekko search bar
"Dell Support Center" = Dell Support Center
"Dell V305" = Dell V305
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Flight Simulator 8.0" = Microsoft Flight Simulator 2002
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"King" = King
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mediaport" = Mediaport
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MPE" = MyPhoneExplorer
"MSC" = McAfee SecurityCenter
"Office14.PRJPROR" = Microsoft Project Professional 2010
"TomTom HOME" = TomTom HOME 2.8.2.2264
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wisepilot_is1" = Wisepilot 4.0
"XMedia Recode" = XMedia Recode 2.2.5.8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.12.2012 11:59:19 | Computer Name = Büro-PC | Source = PerfNet | ID = 2005
Description =
 
Error - 08.12.2012 12:00:20 | Computer Name = Büro-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 09.12.2012 11:35:35 | Computer Name = Büro-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 09.12.2012 11:37:44 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 09.12.2012 11:37:44 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 09.12.2012 11:37:45 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 09.12.2012 11:37:45 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 09.12.2012 11:37:45 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 09.12.2012 11:37:45 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 09.12.2012 11:37:45 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
[ System Events ]
Error - 17.12.2012 19:08:44 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 17.12.2012 19:10:08 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 17.12.2012 19:10:08 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 17.12.2012 19:17:02 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7034
Description =
 
Error - 17.12.2012 19:18:04 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 17.12.2012 19:19:36 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 17.12.2012 19:19:36 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 18.12.2012 06:58:33 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 18.12.2012 07:00:11 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 18.12.2012 07:00:11 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >

cosinus 18.12.2012 22:52
Hm, da ist immer noch bprot drin :balla:
Bitte mal den aktuellen adwCleaner runterladen, also die alte adwcleaner löschen und neu runterladen

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Schnegge82 07.01.2013 16:05
Okay, alte adwcleaner versionen gelöscht und einen Scan mit der aktuellen Version gemacht.

Hier der Inhalt der Text Datei:

Code:
# AdwCleaner v2.104 - Datei am 07/01/2013 um 15:59:28 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - BÜRO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\END
Datei Gefunden : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\bprotector_extensions.sqlite
Datei Gefunden : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\bprotector_prefs.js

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6001.18639

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v11.0 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [12400 octets] - [15/10/2012 21:11:57]
AdwCleaner[R2].txt - [1830 octets] - [09/12/2012 20:17:55]
AdwCleaner[R3].txt - [1551 octets] - [07/01/2013 15:58:11]
AdwCleaner[R4].txt - [1358 octets] - [07/01/2013 15:59:28]
AdwCleaner[S1].txt - [11672 octets] - [16/10/2012 18:47:14]
AdwCleaner[S2].txt - [1919 octets] - [10/12/2012 15:33:31]

########## EOF - C:\AdwCleaner[R4].txt - [1539 octets] ##########

cosinus 07.01.2013 21:42
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.

Schnegge82 08.01.2013 16:28
Hier das Ergebnis von adwCleaner:
Code:
# AdwCleaner v2.105 - Datei am 08/01/2013 um 15:45:42 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - BÜRO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\bprotector_prefs.js

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6001.18639

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v11.0 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\zy0ekmia.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [12400 octets] - [15/10/2012 21:11:57]
AdwCleaner[R2].txt - [1830 octets] - [09/12/2012 20:17:55]
AdwCleaner[R3].txt - [1551 octets] - [07/01/2013 15:58:11]
AdwCleaner[R4].txt - [1593 octets] - [07/01/2013 15:59:28]
AdwCleaner[S1].txt - [11672 octets] - [16/10/2012 18:47:14]
AdwCleaner[S2].txt - [1919 octets] - [10/12/2012 15:33:31]
AdwCleaner[S3].txt - [1649 octets] - [08/01/2013 15:45:42]

########## EOF - C:\AdwCleaner[S3].txt - [1709 octets] ##########

und anschliessend wie gewohnt die Kontrolle mit OTL :)

OTL.txt:
Code:
OTL logfile created on: 08.01.2013 15:55:50 - Run 9
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,54% Memory free
6,20 Gb Paging File | 4,87 Gb Available in Paging File | 78,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 570,40 Gb Free Space | 62,24% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,74 Gb Free Space | 44,95% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\McAfee\SystemCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
PRC - C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
PRC - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Programme\Dell V305\dldtmsdmon.exe ()
PRC - C:\Programme\Dell V305\dldtmon.exe ()
PRC - C:\Windows\System32\dldtcoms.exe ( )
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\18f2261a32e4aa98d770c405554bd8d5\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\dee800943eedfcd6120a7b56f0887fb0\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\f8694104e62a8182b9fbbae0e5173fcf\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\51bdab63dd9dbcddbfef9c82bffdbd59\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f183e57f94e56ac92ee99eed8e63943d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bc78764e2649bd53edc5c9884efba391\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\59f9dfe0ea64752c07f5a59c283c163b\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f4fbd5c3aa0de64cce8f542b447a31a8\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\54d1bb7213f94f2bfa67b0b560785220\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\a9288099fbc6849c6c7523745b4f64f4\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a189480a53deaaf80a820de30553259b\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3331.38812__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3331.38896__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3331.38859__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3331.38795__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3331.38897__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3331.38860__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3331.38874__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3331.38802__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3331.38853__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3331.38858__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3331.38895__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3331.38809__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3331.38838__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3331.38803__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3331.38841__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3331.38869__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3331.38814__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3331.38912__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3331.38804__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3331.38815__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3331.38835__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3331.38839__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3331.38818__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3331.38840__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3331.38850__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3331.38852__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3309.28647__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3331.38890__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3331.38888__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3331.38906__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3331.38791__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3331.38799__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3331.38808__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3331.38793__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3331.38793__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3331.38792__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3331.38794__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3331.38791__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3331.38889__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\Components\scheduler\STService.exe ()
MOD - C:\Programme\Dell DataSafe Local Backup\STFiles.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STLog.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STNLS.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STPE.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\zlib1.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\STRegistry.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\libxml2.dll ()
MOD - C:\Programme\Dell DataSafe Local Backup\PSTVdsDisk.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\DataSafeOnline.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
MOD - C:\Programme\Dell DataSafe Online\SdbUI.dll ()
MOD - C:\Programme\Dell DataSafe Online\de\SdbUI.resources.dll ()
MOD - C:\Programme\Dell DataSafe Online\DataSafeOnline.exe ()
MOD - C:\Programme\Dell DataSafe Online\BalloonWindow.dll ()
MOD - C:\Programme\Dell DataSafe Online\CppUtils.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Dell V305\dldtmsdmon.exe ()
MOD - C:\Programme\Dell V305\dldtmon.exe ()
MOD - C:\Programme\Dell V305\app4r.monitor.core.dll ()
MOD - C:\Programme\Dell V305\app4r.monitor.common.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.dll ()
MOD - C:\Programme\Dell V305\dldtdrs.dll ()
MOD - C:\Programme\Dell V305\dldtscw.dll ()
MOD - C:\Programme\Dell V305\dldtcaps.dll ()
MOD - C:\Programme\Dell V305\dldtmonr.dll ()
MOD - C:\Programme\Dell V305\dldtcfg.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Programme\Dell V305\app4r.devmons.mcmdevmon.autoplayutil.dll ()
MOD - C:\Programme\Dell V305\dldtcnv4.dll ()
MOD - C:\Programme\Dell V305\dldtdatr.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mfevtp) -- C:\Programme\Common Files\McAfee\SystemCore\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Programme\Dell DataSafe Local Backup\SftService.exe (SoftThinks)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (dldtCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dldtserv.exe ()
SRV - (dldt_device) -- C:\Windows\System32\dldtcoms.exe ( )
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (mfeavfk01) --  File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\***\AppData\Local\Temp\catchme.sys File not found
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mferkdet) -- C:\Windows\System32\drivers\mferkdet.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (PCDSRVC{E9D79540-57D5953E-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc.pkms (PC-Doctor, Inc.)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (hotcore3) -- C:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\..\SearchScopes\{794CC25A-E274-4077-A627-65A355864C16}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&Form=DLCDF7&pc=MDDC&src={referrer:source?}
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2013.01.08 15:53:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.19 09:13:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.30 22:19:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012.12.08 16:58:34 | 000,000,000 | ---D | M]
 
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.07.17 12:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.12.12 17:38:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions
[2011.03.05 20:08:21 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\zy0ekmia.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.01.27 23:24:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.19 09:13:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.04.14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012.03.04 19:35:15 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.04 19:35:15 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.03.04 19:35:15 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.04 19:35:15 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.04 19:35:15 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.04 19:35:15 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.12.18 00:17:05 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\McAfee\SystemCore\ScriptSn.20120829171946.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [dldtamon] C:\Program Files\Dell V305\dldtamon.exe ()
O4 - HKLM..\Run: [dldtmon.exe] C:\Program Files\Dell V305\dldtmon.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PDFPrint] C:\Programme\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [RGSC] C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] c:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat ()
O4 - HKLM..\RunOnce: [Launcher] C:\Programme\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = C:\Programme\Dell\DellDock\DellDock.exe (Stardock Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39CC662D-6A20-4FED-825D-D0B2AB1A6221}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Programme\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.08 15:54:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.12.10 17:43:04 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.12.09 17:09:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.12.09 17:09:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\temp
[2012.12.09 16:47:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.09 16:47:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.09 16:47:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.09 16:47:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.09 16:47:12 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.09 16:40:20 | 005,010,414 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
[2010.01.12 20:03:09 | 008,653,312 | ---- | C] (Dell, Inc.                                                  ) -- C:\Users\***\AppData\Roaming\DataSafeDotNet.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.08 15:50:00 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.01.08 15:49:51 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.08 15:49:50 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.08 15:49:47 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.08 15:49:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.08 15:49:11 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.08 15:47:21 | 000,001,034 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.01.08 15:41:35 | 000,554,087 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe
[2013.01.02 12:10:13 | 000,002,735 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Outlook 2007.lnk
[2012.12.18 12:22:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.18 00:17:05 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012.12.14 17:39:21 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012.12.11 20:51:24 | 000,002,631 | ---- | M] () -- C:\Users\***\Desktop\Microsoft Office Word 2007.lnk
[2012.12.09 16:40:57 | 005,010,414 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe
 
========== Files Created - No Company Name ==========
 
[2013.01.08 15:41:16 | 000,554,087 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe
[2012.12.09 16:47:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.09 16:47:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.09 16:47:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.09 16:47:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.09 16:47:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.10.07 15:26:43 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2012.05.15 20:31:31 | 000,211,046 | ---- | C] () -- C:\Users\***\Antrag ****  Antrag.pdf
[2011.08.11 21:43:16 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.06.29 19:24:10 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2011.06.29 19:24:10 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2011.01.21 23:53:36 | 000,000,680 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2009.09.18 21:30:19 | 000,000,000 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2009.09.18 21:26:12 | 000,175,616 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 16:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.09.11 08:00:41 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 03:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


Extras.txt:
Code:
OTL Extras logfile created on: 08.01.2013 15:55:50 - Run 9
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 58,54% Memory free
6,20 Gb Paging File | 4,87 Gb Available in Paging File | 78,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 916,43 Gb Total Space | 570,40 Gb Free Space | 62,24% Space Free | Partition Type: NTFS
Drive D: | 15,00 Gb Total Space | 6,74 Gb Free Space | 44,95% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-1537332811-3382495713-1467414659-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{079FD4DE-DC19-4404-9F61-05790E718CE8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{12546D2A-A88E-4282-95C6-6E6D5E7AF693}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{22F260BB-3576-44E6-8E5F-08C0FA9369DD}" = lport=80 | protocol=17 | dir=in | name=receiver |
"{31D53028-76E0-4913-AF0C-74C80B70F051}" = rport=10243 | protocol=6 | dir=out | app=system |
"{32A1FDB5-300F-498E-AE31-6430C3DDFCF1}" = rport=137 | protocol=17 | dir=out | app=system |
"{3319912E-4022-4B60-A3B5-AA937CA7B199}" = lport=2869 | protocol=6 | dir=in | app=system |
"{43DC0B1F-6C75-4287-9DBD-6934F6DA5C04}" = rport=139 | protocol=6 | dir=out | app=system |
"{53D8F01C-2515-47B9-8E37-F10CC9A37FB2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{72714D68-0EA6-47B8-B520-321481388ABD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8237E849-E26E-4C7A-9A02-A5A30E8FF83C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{932470C7-BFF7-421A-A6B2-10149961195B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A559B4D0-1C98-4889-8463-C9106DD20758}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAF75F21-2A3B-4B12-9B28-3BF095AD5129}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B227456B-158C-4A15-866F-6C72077738E5}" = lport=139 | protocol=6 | dir=in | app=system |
"{CCA4353B-ADEB-4118-BDBD-DEDC3C850035}" = rport=138 | protocol=17 | dir=out | app=system |
"{CF4CE158-77A8-4197-96EB-6DD8352C0B00}" = lport=138 | protocol=17 | dir=in | app=system |
"{D0D81549-3396-44A4-B808-F62B2CE78590}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5429371-803F-4155-B017-9791F30462BE}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8C365A0-80C1-4272-B17E-9C448371AD8B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E23BB5B2-21E3-4DB1-BD34-F2A44AE2C5FF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECE25BE3-C9C6-4BCB-93E8-D8FD7E5C3F0A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{F27D466E-47E3-4B25-8113-E069F19F3622}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F27D5CD6-B255-481D-9E2F-BFA2A2445375}" = lport=137 | protocol=17 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{020D2969-F13F-4996-A4DD-EDA88A3BDB5D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{071B7923-9A3B-454F-9F2F-0F67F3904A5A}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{0A45F96E-EE12-4CEB-8C41-7A10D309C1B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0F2BE6AE-7A7C-438D-BB59-9214609DA5E0}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{18F8572A-D7DC-4260-AB52-1B90455C2389}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{199B6D89-DFBB-4272-BFF7-421100CF4D52}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{1C107C1A-B68C-4BF5-AFB7-5CE1BD6C94A8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1F078DE4-6D74-45A9-B58B-98123F484144}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{25AF695F-C23D-47E6-854C-266F166FC045}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{261DA95C-AA33-480A-AAB6-8D4E9F6E84B1}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{2C9F5560-6B61-4552-9317-A1C4594151CA}" = protocol=6 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{31DC5165-1B8D-4917-B1A8-6BA58818DAC9}" = protocol=6 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{325F2C96-8333-4BD1-932A-12F66352AE14}" = protocol=6 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{3876A086-D31C-4626-AE2D-3F1100E85A50}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{3B593FBA-3111-468C-AD40-725210F879D7}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{44887DFE-049F-446E-927C-2DD0F76647C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{472A765A-E5C2-4256-821D-9CBF84E65988}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{49F5A5BC-DC11-4822-8C4A-7D037610E929}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4BAF0678-2642-44BD-B0AF-A481F350989E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{4CAE3D57-AB34-4595-B65A-D83DF29303EC}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{542B4BD4-845D-469B-BE4E-89789888AE83}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5717672A-6621-49FC-9256-E40ABD392992}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59A9D8F1-769A-4CC0-9CA8-A24036F0F83E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5DEBB0BD-0933-4753-8E60-24C62EF7F0C6}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{60AE3C3A-3616-4CA2-AFC4-E825863C0127}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{62AD5464-3036-4186-9ADC-EB33D2096D43}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6310EC91-D7DC-430F-8010-9EF6D9C0F054}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{648B325F-4804-418D-85BC-D6A02A0BD643}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65272EA4-6860-4EEC-AC20-A8BD3504C32B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6941B5EB-325E-4B98-89DA-C41C7A145378}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"{6D64474B-D825-472C-86F0-F1BDA28E7994}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{7846EFB1-7A27-466C-B03A-ABB0BD8EB725}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{7AA39480-0C95-4E0E-8ED1-613A17C34841}" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"{8429C5B8-15AE-4C4F-B0F0-BD52770DBA9C}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\game.exe |
"{867CC7B7-214D-4256-A92F-FEE5B7F3883B}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"{86B54175-27F4-4661-A6DD-E41BDC795D3E}" = protocol=17 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{8CD53841-2AF3-4E97-8AAF-721B583CE8E0}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{910A02EB-8EA1-40CA-8874-F9DB786A7CDA}" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"{953596F5-9625-4027-BD9E-91507EDD754C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9F76788E-5A8E-482A-A4C2-132FE1DE549A}" = protocol=17 | dir=in | app=c:\program files\dell v305\netsupp.dll |
"{A2AFE5C1-019A-4AB9-8627-F3230111F373}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtjswx.exe |
"{A4DA14CE-58DE-4F9D-8C0E-6C9EA7298BE5}" = protocol=17 | dir=in | app=c:\program files\technisat\mediaport\mediaport.exe |
"{A65CE731-60F9-4CE6-B7D7-8BF4C651F74F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A9FB3EB1-FA0D-4F45-865E-1BCFEE561B25}" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{AB384FFE-5526-4583-8D52-0C4E623C146D}" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtamon.exe |
"{B154E59E-8726-4E17-A780-E41CA5C802A4}" = protocol=6 | dir=in | app=c:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{B24D9E52-2864-4F29-A423-F568F9DC0E2F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B4A083D8-7369-4F16-A609-C61D52B3CAB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B5E30D30-5114-44CA-8678-6DC81BF3E646}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B67B8A51-F06A-4850-A4CB-5EAC793BF844}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C123ADFE-B6E4-4EF9-A97E-2CF38E15F6DD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{C4F590E0-AE5D-43D3-AF61-4B674F643337}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CBA05323-00BA-4AA6-AF1B-8ADE4323E1DC}" = protocol=17 | dir=in | app=c:\program files\landwirtschafts simulator 2011\farmingsimulator2011.exe |
"{CEDBA156-FF2E-48A3-B7BA-8F7770310B4F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{CEFBCFCF-3022-42E0-A73D-76639838C400}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1C33DED-DD39-4C79-B946-C8594755A549}" = protocol=6 | dir=out | app=system |
"{DFB48B6A-50EF-4AD0-BC8A-E4EF6E46356F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E48BE109-C248-4E0C-84AA-7835C1F09EB3}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldttime.exe |
"{E5B00193-1E99-46ED-A37F-1070BE6163BF}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{E9AB3BFC-8241-46AD-83FE-643BCD0701B9}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{EDBF2B19-B309-4B9F-9D0D-D701E8C0C257}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5208DA2-6EF4-4C76-851C-6C53656D5DD2}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe |
"{F7CF5709-3090-462E-A222-CFE8546AB305}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"TCP Query User{267F1D74-5EA9-48EB-B043-82BC471B6B12}C:\program files\dell v305\frun.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\frun.exe |
"TCP Query User{495B4E6F-7B5E-4B60-8FA8-0126359570E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"TCP Query User{5B964673-8D25-4CE8-B516-409317D20112}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{6C2AA7CE-7958-4A31-B3F6-E56CEF54952E}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{98B8DFB4-A136-4A00-8550-D43792EEF55A}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{9DCD40C7-75E4-4A0B-97D4-382AF1A88F60}E:\easysetupassistant\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"TCP Query User{FDB8F04B-A87A-408B-B4C4-338D8003519D}C:\program files\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
"UDP Query User{1A5C6D1E-A6D9-4B6C-912E-C0F26D6D6072}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{2C398C82-7EB7-422A-8590-A7F0B3CA1A0A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{60437BE4-48E1-4897-84A8-A553676CA139}C:\program files\dell v305\frun.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\frun.exe |
"UDP Query User{725DB65A-B6B9-4AA3-916A-DAA410A221E9}C:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dldtpswx.exe |
"UDP Query User{A8EA4F0F-7E3F-41B6-9834-8433532D150A}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{B5989A5D-438E-47E3-A32E-873E4BABC416}E:\easysetupassistant\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\easysetupassistant.exe |
"UDP Query User{E5DF9D08-2C6B-49CE-88A7-F9DA7BDF695E}C:\program files\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files\dell v305\dldtmon.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{04D5E56E-F323-27F2-C075-EF1AE9A3CF2B}" = Catalyst Control Center Graphics Light
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{07288267-318E-9B78-B04E-984F9149EE24}" = Catalyst Control Center Graphics Previews Common
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B23ACC5-88A6-FEE4-0131-8777A1BA0B68}" = Catalyst Control Center Graphics Previews Vista
"{0CD81D7E-94E2-D230-E37E-C9B16E90D01C}" = CCC Help Italian
"{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1252F398-5142-4D81-AD31-8B0204C26E8C}" = ARIS Express
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{16A7FAD8-EE4F-C413-8359-833A3B2D39FB}" = CCC Help Portuguese
"{18364179-C5E5-F826-E2FC-D99D575AF997}" = Catalyst Control Center Localization All
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{29258311-EA49-11DE-967C-005056C00008}" = Paragon Festplatten Manager™ 2011 Suite Demo
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{36EEFD4F-E34C-4491-B04A-DB8F85C3A021}" = Diagnostics32
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{47C72DA6-E7AC-984C-5475-15A65F9B41BE}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A918155-6399-4673-0D08-85A0DBEC1389}" = CCC Help Chinese Traditional
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{537791BE-B032-D116-0C59-13541E17BFEA}" = CCC Help English
"{5441F067-5AF8-4284-9A8C-FD98DF05C981}" = Omron Health Management Software
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B09BD67-4C99-46A1-8161-B7208CE18121}" = QuickTime
"{60379D61-4F60-4C0D-ADB0-7670BD513AE1}" = Pubs
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66DAE8D7-D5F7-462F-5815-102EE4B191C4}" = CCC Help Korean
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{763B809A-6874-5979-CD69-39491392262C}" = Catalyst Control Center InstallProxy
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E910FDA-CBBE-4451-8728-235E6A4DE162}" = Sony Ericsson Media Manager 1.1
"{7FE440D8-8F16-24CA-81B6-7DEB4D6BF92D}" = CCC Help Hungarian
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.3.0
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{88D3B829-DBA4-D839-33BF-9A5794CC21EB}" = CCC Help Chinese Standard
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJPROR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PRJPROR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PRJPROR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PRJPROR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2010
"{90140000-00B4-0407-0000-0000000FF1CE}_Office14.PRJPROR_{86D01646-1942-4253-B11F-68F5ED259B17}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9044B9A5-B7D7-3EA2-B20B-49A47853D62F}" = CCC Help Spanish
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91140000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{8A8F117F-8EDB-440D-B679-F08909D729F7}" = Microsoft Project 2010 Service Pack 1 (SP1)
"{92B94569-6683-4617-8C54-EB27A1B51B30}" = GTAIII
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A7F37935-A880-8657-79CE-F98BF3A358E1}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B297076F-905F-7E13-57EF-7D254EBB7589}" = CCC Help Japanese
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C3F9AC0D-3A6D-42F7-8A44-80335A366233}" = Install
"{C61E46F5-0699-400B-B9BF-899349F10776}" = Wireless Setup Utility 32
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1B8C6AC-C4F8-E8AF-E157-AF3E16B97903}" = CCC Help French
"{DB833EF9-A198-49BE-970A-BD46F30BFBB4}" = ANNO 1503 Königs- Edition
"{DC702FC1-4746-CD99-0578-02839474C2F8}" = Skins
"{DCCB7F99-84DC-6558-1406-AB775DD202BD}" = ccc-utility
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E00B477F-8558-45DA-B25A-69935FB89A94}" = Dell Dock
"{E59145A6-2D21-9E5C-6551-ACA2539CDE50}" = ccc-core-static
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E89371A0-2FCD-F518-EECB-09AB27724CEE}" = CCC Help German
"{EACCC991-8E8C-4397-8854-349506741FC9}" = FileMaker Pro 11
"{EACCC991-8E8C-4397-8854-349506741FC9}_FileMaker" = FileMaker Pro 11
"{ED06F22F-DADB-E713-2E49-EEB154950285}" = Catalyst Control Center Graphics Full Existing
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{ED83A136-0255-11D5-ABDE-00E07D81F9B8}" = Schiene und Strasse
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4953044-0533-4F01-B0FC-1D271AB998D8}" = Inkjet Toolbox
"{F6706DF9-B0B6-8496-F302-BF511197A32F}" = Catalyst Control Center Core Implementation
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"blekkotb_020" = blekko search bar
"Dell Support Center" = Dell Support Center
"Dell V305" = Dell V305
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011
"Flight Simulator 8.0" = Microsoft Flight Simulator 2002
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{8DF712DA-D325-4FD0-8DE8-E2D78FC3CDC3}" = IL-2 Sturmovik: Forgotten Battles
"King" = King
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mediaport" = Mediaport
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"MPE" = MyPhoneExplorer
"MSC" = McAfee SecurityCenter
"Office14.PRJPROR" = Microsoft Project Professional 2010
"TomTom HOME" = TomTom HOME 2.8.2.2264
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 1.0.5
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wisepilot_is1" = Wisepilot 4.0
"XMedia Recode" = XMedia Recode 2.2.5.8
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
Error - 10.12.2012 10:26:38 | Computer Name = Büro-PC | Source = Windows Search Service | ID = 3013
Description =
 
[ System Events ]
Error - 07.01.2013 10:47:16 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 07.01.2013 10:48:54 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 07.01.2013 10:48:54 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 08.01.2013 10:34:18 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 08.01.2013 10:35:07 | Computer Name = Büro-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
 
Error - 08.01.2013 10:35:51 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 08.01.2013 10:35:51 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 08.01.2013 10:49:30 | Computer Name = Büro-PC | Source = HTTP | ID = 15016
Description =
 
Error - 08.01.2013 10:51:00 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 08.01.2013 10:51:00 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description =
 
 
< End of report >

cosinus 08.01.2013 20:07
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes - denk bitte vorher daran, Malwarebytes über den Updatebutton zu aktualisieren

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Schnegge82 09.01.2013 19:21
Das Hört sich doch ganz gut an.

Sieht so aus als wenn die anderen beiden Scans auch nichts mehr gefunden haben.

Hier das Ergebnis von Malwarebytes:
Code:
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.09.07

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
*** :: BÜRO-PC [Administrator]

Schutz: Aktiviert

09.01.2013 16:07:37
mbam-log-2013-01-09 (16-07-37).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 216053
Laufzeit: 5 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
und das Ergebnis von ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=fd550fa011dcf148ab71ba8f322b1969
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-13 09:48:52
# local_time=2012-10-13 11:48:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 3898835 4441730 0 0
# compatibility_mode=5892 16776574 100 95 149273671 187689308 0 0
# compatibility_mode=8192 67108863 100 0 74104 74104 0 0
# scanned=254647
# found=19
# cleaned=0
# scan_time=8352
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarApp.dll        a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarEng.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarsrv.exe        probably a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll        a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe        probably a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\78NCRCX2\main[1]        Win32/LockScreen.AHO trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\78NCRCX2\main[2]        Win32/LockScreen.AHO trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JTYCXYBI\main[1]        Win32/LockScreen.AHO trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\1AA6DD38-BAB0-7891-97E4-A762E7733E75\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\1AA6DD38-BAB0-7891-97E4-A762E7733E75\Setup.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\is1373634743\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\AppData\Local\Temp\is1972027439\MyBabylonTB.exe        Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\***\Downloads\installer_command_and_conquer_3_tiberium_wars.exe        multiple threats (unable to clean)        00000000000000000000000000000000        I
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=fd550fa011dcf148ab71ba8f322b1969
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-09 04:04:47
# local_time=2013-01-09 05:04:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5122 16777213 100 97 2765173 106530083 0 0
# compatibility_mode=5892 16776574 100 100 91051 195280215 0 0
# scanned=599
# found=0
# cleaned=0
# scan_time=58
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=fd550fa011dcf148ab71ba8f322b1969
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-09 05:31:29
# local_time=2013-01-09 06:31:29 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6001 NT Service Pack 1
# compatibility_mode=5122 16777213 100 97 2773975 106535285 0 0
# compatibility_mode=5892 16776574 100 100 99853 195285417 0 0
# scanned=248552
# found=0
# cleaned=0
# scan_time=5113

cosinus 09.01.2013 23:54
Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:42 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55