Ergebnis 1 bis 10 von 10
  1. #1
    Einsteiger
    Registriert seit
    06.07.2012
    Beiträge
    5

    MyStart Incredibar - wie werde ich es los?

    Hallo zusammen,
    ich bin heute zum ersten Mal hier und das auch direkt, weil ich ein Problem habe.
    Ich habe mir über die (eigentlich zuverlässige) Seite chip.de den PDF creator runtergeladen und dabei auch die mystart incredibar toolbar bekommen.
    Was ich mittlerweile alles angestellt habe, um sie loszuwerden:
    - deinstallation eines zugehörigen programms aus der systemsteuerung
    - entfernen des entsprechenden add-ons aus den firefox-einstellungen
    - startseite wieder umgestellt, neue tabs werden auch nicht mehr mit der lästigen seite geöffnet

    Die Antiviren-/Malwareprogramme eset und malwarebytes haben keine ergebnisse/ gefahren mehr gefunden. Jedoch ist incredibar noch latent in meinem browser vorhanden.
    Ich habe jetzt - wie vielfach empfohlen - einen Systemscan mit OTL gemacht. Ergebnis ist folgendes:
    Code:
     OTL logfile created on: 06.07.2012 14:59:21 - Run 2
    OTL by OldTimer - Version 3.2.53.1     Folder = D:\Eigene Dateien\Desktop
    64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    7,99 Gb Total Physical Memory | 6,08 Gb Available Physical Memory | 76,10% Memory free
    15,98 Gb Paging File | 13,95 Gb Available in Paging File | 87,27% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 78,03 Gb Total Space | 21,69 Gb Free Space | 27,80% Space Free | Partition Type: NTFS
    Drive D: | 387,64 Gb Total Space | 318,30 Gb Free Space | 82,11% Space Free | Partition Type: NTFS
    Drive E: | 413,04 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
    Drive F: | 1397,26 Gb Total Space | 1120,01 Gb Free Space | 80,16% Space Free | Partition Type: NTFS
     
    Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2012.07.06 14:45:34 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Eigene Dateien\Desktop\OTL.exe
    PRC - [2012.06.19 08:54:48 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Programme\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    PRC - [2011.01.31 13:16:40 | 000,703,360 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
    PRC - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
    PRC - [2010.11.23 18:49:24 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
    PRC - [2010.11.15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
    PRC - [2010.10.27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    PRC - [2010.08.25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    PRC - [2010.05.11 11:16:34 | 000,140,288 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
    PRC - [2010.05.11 06:06:40 | 001,885,512 | ---- | M] (Sanford, L.P.) -- C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
    PRC - [2010.05.11 05:53:16 | 000,055,808 | ---- | M] (Sanford, L.P.) -- C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe
    PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    PRC - [2009.12.17 20:50:18 | 000,976,832 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    PRC - [2009.10.27 10:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
    PRC - [2009.09.15 17:38:32 | 000,603,984 | ---- | M] (ACD Systems International Inc.) -- C:\Program Files (x86)\Common Files\ACD Systems\DE\DevDetect.exe
    PRC - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
    PRC - [2008.03.26 18:33:00 | 000,135,168 | ---- | M] (Vimicro Corporation) -- C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe
    PRC - [2007.04.13 18:20:22 | 000,097,432 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2012.06.19 08:54:47 | 002,042,848 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2012.06.14 13:28:37 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll
    MOD - [2012.06.14 13:28:21 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
    MOD - [2012.06.14 13:28:14 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
    MOD - [2012.06.14 13:28:09 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll
    MOD - [2012.05.13 15:30:21 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll
    MOD - [2012.05.13 14:47:04 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
    MOD - [2012.05.13 14:47:00 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
    MOD - [2012.05.13 14:46:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
    MOD - [2012.05.13 14:46:57 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
    MOD - [2012.05.13 14:46:52 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
    MOD - [2011.01.31 13:17:32 | 000,129,408 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\plugins\nps.dll
    MOD - [2011.01.31 13:15:08 | 002,551,808 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll
    MOD - [2011.01.31 13:15:08 | 002,277,888 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll
    MOD - [2011.01.31 13:15:08 | 000,912,384 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll
    MOD - [2011.01.31 13:15:08 | 000,196,608 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qjpeg4.dll
    MOD - [2011.01.31 13:15:08 | 000,026,624 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qgif4.dll
    MOD - [2011.01.31 13:15:06 | 010,837,504 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll
    MOD - [2011.01.31 13:15:06 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll
    MOD - [2011.01.31 13:15:06 | 002,186,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll
    MOD - [2011.01.31 13:15:06 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll
    MOD - [2011.01.31 13:15:06 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll
    MOD - [2011.01.31 13:15:06 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll
    MOD - [2011.01.31 13:15:06 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll
    MOD - [2011.01.31 13:15:06 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll
    MOD - [2011.01.31 12:54:42 | 000,790,016 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll
    MOD - [2011.01.31 12:52:56 | 000,345,088 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll
    MOD - [2011.01.31 12:52:56 | 000,180,104 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\noaipcclient.dll
    MOD - [2011.01.31 12:52:56 | 000,028,040 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\wrtserviceipcclient.dll
    MOD - [2011.01.31 12:52:00 | 000,680,448 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll
    MOD - [2010.11.15 14:41:18 | 000,367,496 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe
    MOD - [2010.11.15 14:41:18 | 000,034,184 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\wrtserviceipcserver.dll
    MOD - [2010.11.15 10:13:00 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\qtsecurestorage.dll
    MOD - [2010.11.15 10:12:46 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\cryptodll.dll
    MOD - [2010.11.15 10:12:46 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\qtsecurestorageserver.dll
    MOD - [2010.09.23 18:34:40 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtGui4.dll
    MOD - [2010.09.23 18:25:08 | 000,912,384 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtNetwork4.dll
    MOD - [2010.09.23 18:24:02 | 000,339,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtXml4.dll
    MOD - [2010.09.23 18:23:50 | 002,277,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Nokia\NoA\QtCore4.dll
    MOD - [2010.05.11 05:52:30 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll
    MOD - [2009.07.14 19:58:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
    MOD - [2005.07.20 11:48:10 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV:64bit: - [2010.01.27 11:27:24 | 000,665,320 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\atwtusb.exe -- (WTService)
    SRV - [2012.06.19 08:54:48 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
    SRV - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
    SRV - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Programme\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
    SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
    SRV - [2010.12.10 17:36:54 | 000,153,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
    SRV - [2010.12.08 15:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
    SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
    SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
    SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
    SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
    SRV - [2007.04.13 18:20:22 | 000,097,432 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
    DRV:64bit: - [2012.03.14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
    DRV:64bit: - [2012.03.14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
    DRV:64bit: - [2012.03.14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
    DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010.07.30 15:18:04 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
    DRV:64bit: - [2010.07.30 15:18:02 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
    DRV:64bit: - [2010.07.30 15:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
    DRV:64bit: - [2010.07.30 15:17:56 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
    DRV:64bit: - [2010.07.12 14:49:14 | 000,072,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
    DRV:64bit: - [2010.07.12 14:48:50 | 000,085,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
    DRV:64bit: - [2010.03.04 15:43:00 | 000,346,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
    DRV:64bit: - [2009.10.26 17:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2009.10.26 17:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2009.08.26 08:15:10 | 000,007,552 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\walvhid.sys -- (vhidmini)
    DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
    DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
    DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009.04.29 17:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
    DRV:64bit: - [2009.03.11 15:13:18 | 000,198,400 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmuvc.sys -- (VMUVC)
    DRV:64bit: - [2009.03.08 14:16:14 | 000,007,680 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\moufiltr.sys -- (moufiltr)
    DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
    DRV:64bit: - [2008.07.01 12:14:42 | 000,303,616 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vvftUVC.sys -- (vvftUVC)
    DRV:64bit: - [2007.05.09 22:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
    DRV:64bit: - [2007.05.09 22:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
    DRV:64bit: - [2007.05.09 22:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
    DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
     
     
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
     
     
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 50 28 E9 31 A2 CC 01  [binary data]
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7WZPC_de
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQCA8V1eR&i=26
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = *****S**@t-online.de
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultenginename: "www.google.de"
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "about:home"
    FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
    FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
    FF - prefs.js..keyword.URL: "www.google.de"
     
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
     
    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.03.08 16:09:20 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 08:54:48 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.27 13:38:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.03.08 16:09:20 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.07.06 10:16:30 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 08:54:48 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.27 13:38:51 | 000,000,000 | ---D | M]
     
    [2010.11.09 18:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
    [2012.07.06 00:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\9uniihas.default\extensions
    [2011.12.14 22:38:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
    [2012.06.19 08:54:48 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012.06.19 08:54:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
    [2012.06.19 08:54:46 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012.06.19 08:54:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
    [2012.06.19 08:54:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
    [2012.06.19 08:54:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
    [2012.06.19 08:54:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
     
    O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: []  File not found
    O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
    O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
    O4:64bit: - HKLM..\Run: [MacroKeyManager] C:\Windows\SysNative\WTMKM.exe ()
    O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [DLSService] C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe (Sanford, L.P.)
    O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
    O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-944106507-3691109379-2109958795-1000..\Run: []  File not found
    O4 - HKU\S-1-5-21-944106507-3691109379-2109958795-1000..\Run: [Device Detector] DevDetect.exe -autorun File not found
    O4 - HKU\S-1-5-21-944106507-3691109379-2109958795-1000..\Run: [DymoQuickPrint] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.)
    O4 - HKU\S-1-5-21-944106507-3691109379-2109958795-1000..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
    O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE05FAD7-1FCD-4ADF-ACD7-EA876285B38B}: DhcpNameServer = 192.168.2.1
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2012.07.06 14:45:29 | 000,595,968 | ---- | C] (OldTimer Tools) -- D:\Eigene Dateien\Desktop\OTL.exe
    [2012.07.06 14:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2012.07.06 14:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2012.07.06 11:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
    [2012.07.06 11:54:10 | 002,322,184 | ---- | C] (ESET) -- D:\Eigene Dateien\Desktop\esetsmartinstaller_enu.exe
    [2012.07.06 10:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
    [2012.07.06 10:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
    [2012.07.06 10:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012.07.06 08:18:41 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
    [2012.07.06 08:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012.07.06 08:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012.07.06 08:18:30 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012.07.06 08:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012.07.06 00:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
    [2012.07.06 00:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
    [2012.07.03 13:03:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{0B10CEB9-F2FC-4B10-9770-11023DC985AB}
    [2012.07.03 13:03:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{250FD9DF-65CC-41C4-BB16-5A0C5CF30040}
    [2012.06.28 17:46:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{E6A4386D-89F1-4A5F-B414-6C37BE722011}
    [2012.06.28 17:46:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{7FD9D8C6-0060-42AF-BF25-81064790555C}
    [2012.06.27 17:02:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{2C12FFF5-24BE-4C43-84A3-BAE7017592D8}
    [2012.06.27 17:01:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{EBD05ADB-1EE5-444D-83E4-99D9FE589B52}
    [2012.06.27 13:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
    [2012.06.27 13:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
    [2012.06.21 21:03:27 | 000,000,000 | R--D | C] -- C:\Users\***\.jenny
    [2012.06.21 21:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2012.06.21 21:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2012.06.21 21:00:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
    [2012.06.21 21:00:33 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
    [2012.06.21 21:00:33 | 000,687,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
    [2012.06.21 21:00:33 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
    [2012.06.21 21:00:26 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2012.06.21 21:00:26 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2012.06.21 21:00:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
    [2012.06.19 14:28:29 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
    [2012.06.19 14:28:29 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
    [2012.06.19 14:28:29 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
    [2012.06.19 14:28:18 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
    [2012.06.19 14:28:18 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
    [2012.06.19 14:28:18 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
    [2012.06.19 14:28:07 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
    [2012.06.19 14:28:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
    [2012.06.14 08:36:01 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2012.06.14 08:36:01 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2012.06.14 08:35:52 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012.06.14 08:35:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2012.06.14 08:35:51 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2012.06.14 08:35:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012.06.14 08:35:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2012.06.14 08:35:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2012.06.14 08:35:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012.06.14 08:35:49 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2012.06.14 08:35:49 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2012.06.14 08:35:49 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012.06.14 08:35:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2012.06.14 08:35:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2012.06.14 08:35:48 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2012.06.14 08:35:48 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2012.06.14 08:35:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2012.06.14 08:34:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
    [2012.06.14 08:34:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
    [2012.06.14 08:34:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
    [2012.06.14 08:34:40 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
    [2012.06.14 08:34:30 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
    [2012.06.14 08:34:29 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
    [2012.06.12 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Macromedia
    [2012.06.09 16:20:51 | 000,000,000 | ---D | C] -- D:\Eigene Dateien\Eigene Dokumente\J&H
    [2012.06.09 16:20:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProtectDisc Driver Installer
    [2012.06.09 16:20:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ProtectDISC
    [2012.06.09 16:19:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
    [2012.06.09 16:18:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    [2012.06.09 16:18:25 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
    [2012.06.09 16:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitComposer Games
    [2012.06.09 15:57:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bitComposer Games
     
    ========== Files - Modified Within 30 Days ==========
     
    [2012.07.06 14:45:34 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Eigene Dateien\Desktop\OTL.exe
    [2012.07.06 14:30:39 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012.07.06 14:30:39 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012.07.06 14:29:10 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012.07.06 14:23:44 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012.07.06 14:23:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012.07.06 14:23:06 | 2140,741,631 | -HS- | M] () -- C:\hiberfil.sys
    [2012.07.06 13:09:02 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012.07.06 11:54:20 | 002,322,184 | ---- | M] (ESET) -- D:\Eigene Dateien\Desktop\esetsmartinstaller_enu.exe
    [2012.07.06 08:18:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.07.06 00:16:02 | 000,000,454 | ---- | M] () -- C:\user.js
    [2012.07.04 15:22:46 | 000,032,421 | ---- | M] () -- C:\Users\***\AppData\Local\recently-used.xbel
    [2012.07.02 12:24:30 | 000,036,190 | ---- | M] () -- D:\Eigene Dateien\Desktop\Sims_Profil2.jpg
    [2012.07.02 10:36:23 | 000,036,239 | ---- | M] () -- D:\Eigene Dateien\Desktop\Sims_Profil.jpg
    [2012.06.30 12:40:52 | 001,637,910 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012.06.30 12:40:52 | 000,703,230 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2012.06.30 12:40:52 | 000,665,112 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012.06.30 12:40:52 | 000,148,996 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2012.06.30 12:40:52 | 000,125,386 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012.06.27 13:38:52 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2012.06.27 13:32:43 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012.06.27 13:32:43 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012.06.27 13:29:54 | 000,010,296 | ---- | M] () -- D:\Eigene Dateien\Desktop\bookmarks.html
    [2012.06.27 09:44:56 | 000,008,828 | ---- | M] () -- D:\Eigene Dateien\Desktop\Highland Glen Lodges.jpg
    [2012.06.21 21:00:19 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2012.06.21 21:00:19 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2012.06.10 21:29:35 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000017B6.LCS
    [2012.06.09 16:17:51 | 000,002,114 | ---- | M] () -- C:\Users\Public\Desktop\Jekyll & Hyde.lnk
     
    ========== Files Created - No Company Name ==========
     
    [2012.07.06 14:29:10 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012.07.06 08:18:35 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.07.06 00:16:02 | 000,000,454 | ---- | C] () -- C:\user.js
    [2012.07.04 15:22:46 | 000,032,421 | ---- | C] () -- C:\Users\***\AppData\Local\recently-used.xbel
    [2012.07.02 12:24:30 | 000,036,190 | ---- | C] () -- D:\Eigene Dateien\Desktop\Sims_Profil2.jpg
    [2012.07.02 10:36:23 | 000,036,239 | ---- | C] () -- D:\Eigene Dateien\Desktop\Sims_Profil.jpg
    [2012.06.27 13:38:52 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2012.06.27 13:38:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    [2012.06.27 13:29:54 | 000,010,296 | ---- | C] () -- D:\Eigene Dateien\Desktop\bookmarks.html
    [2012.06.27 09:44:55 | 000,008,828 | ---- | C] () -- D:\Eigene Dateien\Desktop\Highland Glen Lodges.jpg
    [2012.06.09 16:20:17 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\000017B6.LCS
    [2012.06.09 16:17:51 | 000,002,114 | ---- | C] () -- C:\Users\Public\Desktop\Jekyll & Hyde.lnk
    [2010.12.22 16:14:35 | 000,000,027 | ---- | C] () -- C:\Users\***\AppData\Local\settings.ini
    [2010.11.14 12:54:23 | 000,008,229 | ---- | C] () -- C:\Windows\aiptbl.ini
    [2010.11.12 16:28:11 | 000,004,176 | ---- | C] () -- C:\Windows\SysWow64\Hpi_icon.dll
    [2010.11.12 15:36:42 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010.11.11 16:46:47 | 001,659,496 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010.11.11 13:29:07 | 000,000,035 | ---- | C] () -- C:\Windows\iltwain.ini
    [2010.11.11 13:24:56 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\DYMOCFG.DLL
    [2010.11.11 12:32:08 | 000,000,025 | ---- | C] () -- C:\Windows\CDEALC1100Euro.ini
    [2010.11.09 18:12:52 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
     
    ========== LOP Check ==========
     
    [2010.11.11 16:53:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ACD Systems
    [2011.05.27 15:40:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CD-LabelPrint
    [2010.11.11 19:55:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Epson
    [2011.03.08 16:14:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PC Suite
    [2012.06.09 16:20:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ProtectDISC
    [2012.05.28 16:36:39 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
     
    ========== Purity Check ==========
     
     
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 188 bytes -> D:\Eigene Dateien\Desktop\Paris_1.jpeg:3or4kl4x13tuuug3Byamue2s4b
    
    < End of report >
    Ich hoffe ihr könnt mir helfen! Ich trau meinem Internet nicht mehr über den weg, trau mich gar nicht irgendwo einzuloggen aus Angst, dass incredibar meine daten und passwörter klaut...
    Liebe Grüße,
    Sally

    Könnte mir bitte jemand helfen?

    Ich schieb's nochmal nach oben, in der Hoffnung, dass mir jemand helfen kann...
    ;-)
    Ich brauche wirklich fremde Hilfe, weil ich schon alles Mögliche probiert habe.
    Vielen Dank und ganz liebe Grüße!
    Geändert von Petra (08.07.2012 um 12:31 Uhr) Grund: Beiträge zusammengefügt, damit die Helfer sehen, dass der Thread noch nicht in Arbeit ist

  2. #2
    Moderator Avatar von kira
    Registriert seit
    04.02.2012
    Ort
    Wien - Sprachen: Deutsch-Ungarisch
    Beiträge
    9.744
    Herzlich Willkommen in unserem Forum!

    **Bevor wir unsere Zusammenarbeit beginnen, lies dir diese Einführung durch und ich bitte um kurze Bestätigung, dass du dies gelesen und akzeptiert hast!:-> Worauf musst Du während der Bereinigung achten?
    ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG! - da die Fehlerprüfung und Handlung werden über große Entfernungen (online) durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    ► Unrechtmäßig erworbene Software (durch Keygen, Crack, Keymaker) wird nicht geduldet, in diesem Fall wird der Support eingestellt.!
    Die von mir angegebenen Anweisungen, immer vollständig und genau erledigen (werden ja oft mehrere Schritte gleichzeitig angewendet)
    ► Falls unvorhersehbare Probleme auftreten sollten, bitte um sofortige Rückmeldung! Bis auf weiteres (ohne Abspräche) keine eigenen Aktivitäten vornehmen!

    ► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
    **Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

    1.
    Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
    • Download den CCleaner
    • Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
    • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
    • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)


    Bitte alle Ergebnisse im Code-Tags posten!

    vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
    hier kommt dein Logfile rein
    dahinter - also am Ende der Logdatei:[/code]
    gruß
    kira

    Warnung!:
    Vorsicht geboten bei Rechnung/Mahnung per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!

  3. #3
    Einsteiger
    Registriert seit
    06.07.2012
    Beiträge
    5
    Hallo Kira,
    anbei sende ich dir die gewünschte CCleaner-Analyse:
    Code:
    2007 Microsoft Office system	Microsoft Corporation	29.03.2012		12.0.6612.1000
    7-Zip 9.20		27.03.2011		
    7-Zip 9.20 (x64 edition)	Igor Pavlov	14.05.2012	3,44MB	9.20.00.0
    ABBYY FineReader 9.0 Sprint	ABBYY	10.11.2010		9.01.513.58212
    ACDSee Pro 3	ACD Systems International Inc.	11.11.2010	256MB	3.0.355
    Adobe Flash Player 11 ActiveX 64-bit	Adobe Systems Incorporated	14.05.2012	6,00MB	11.2.202.235
    Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	27.06.2012	6,00MB	11.3.300.262
    Adobe Reader X (10.1.3) - Deutsch	Adobe Systems Incorporated	27.06.2012	121MB	10.1.3
    ArcSoft MediaImpression 2	ArcSoft	10.11.2010		2.0.14.672
    b-PAC 3.0 Client Component	Brother Industries, Ltd.	11.11.2010	5,96MB	3.0.010
    Borland Data Engine	Roche Diagnostics	11.11.2010	7,98MB	5.2.0
    Brother P-touch Editor 5.0	Brother Industries, Ltd.	14.11.2010	22,3MB	5.0.1200
    Canon iP4500 series		11.11.2010		
    Canon iP4500 series Benutzerregistrierung		11.11.2010		
    Canon My Printer		11.11.2010		
    Canon Utilities Easy-PhotoPrint EX		11.11.2010		
    Canon Utilities Solution Menu		11.11.2010		
    CCleaner	Piriform	22.06.2012		3.20
    CD-LabelPrint		11.11.2010		
    Digital microscope	Vimicro Corp.	22.12.2010		2009.03.18
    DYMO Label v.8	Sanford, L.P.	11.11.2010		8.2.2.996
    Epson Copy Utility 3.5		10.11.2010		3.5.0.0
    Epson Event Manager	SEIKO EPSON CORPORATION	10.11.2010	40,5MB	2.40.0002
    EPSON Perfection V33/V330 Handbuch		10.11.2010		
    EPSON Scan	Seiko Epson Corporation	10.11.2010		
    EPSON-Drucker-Software		11.11.2010		
    ESET NOD32 Antivirus	ESET, spol. s r.o.	06.07.2012	71,0MB	5.2.9.12
    ESET Online Scanner v3		06.07.2012		
    Free Notes & Office Ink	 	14.11.2010		 
    Garmin Trip and Waypoint Manager v4	Garmin Ltd or its subsidiaries	12.11.2010	28,1MB	4.0.0.0
    GIMP 2.6.12	The GIMP Team	03.06.2012	211MB	2.6.12
    Google Toolbar for Internet Explorer	Google Inc.	18.03.2012		7.3.2710.138
    Java(TM) 6 Update 22 (64-bit)	Oracle	12.12.2010	90,6MB	6.0.220
    Java(TM) 7 Update 5	Oracle	21.06.2012	99,3MB	7.0.50
    JavaFX 2.1.1	Oracle Corporation	21.06.2012	20,8MB	2.1.1
    Jekyll&Hyde	bitComposer Games GmbH	09.06.2012		v1.0
    MacroKey Manager		14.11.2010		
    Malwarebytes Anti-Malware Version 1.61.0.1400	Malwarebytes Corporation	06.07.2012	18,0MB	1.61.0.1400
    Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	11.11.2010	38,8MB	4.0.30319
    Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	11.11.2010	2,93MB	4.0.30319
    Microsoft Office File Validation Add-In	Microsoft Corporation	22.11.2011	7,95MB	14.0.5130.5003
    Microsoft Office Live Add-in 1.5	Microsoft Corporation	14.05.2012	508KB	2.0.4024.1
    Microsoft Security Essentials	Microsoft Corporation	01.05.2012		4.0.1526.0
    Microsoft SQL Server 2005	Microsoft Corporation	11.11.2010		
    Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	22.05.2012	1,69MB	3.1.0000
    Microsoft SQL Server Native Client	Microsoft Corporation	23.04.2011	5,83MB	9.00.5000.00
    Microsoft SQL Server Setup Support Files (English)	Microsoft Corporation	23.04.2011	28,9MB	9.00.5000.00
    Microsoft SQL Server VSS Writer	Microsoft Corporation	23.04.2011	1,10MB	9.00.5000.00
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	11.11.2010	252KB	8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	13.07.2011	300KB	8.0.61001
    Mozilla Firefox 13.0.1 (x86 de)	Mozilla	07.07.2012	35,9MB	13.0.1
    Mozilla Maintenance Service	Mozilla	07.07.2012	199KB	13.0.1
    MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	12.11.2010	1,27MB	4.20.9870.0
    MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	12.11.2010	1,33MB	4.20.9876.0
    Nokia Connectivity Cable Driver	Nokia	08.03.2011	3,85MB	7.1.36.0
    Nokia Connectivity Cable Driver		08.03.2011		7.1.32.58
    Nokia Ovi Suite	Nokia	08.03.2011		3.0.0.290
    Nokia Ovi Suite Software Updater	Nokia Corporation	08.03.2011	42,2MB	02.06.006.44298
    Nokia Software Updater	Nokia Corporation	08.03.2011	45,4MB	02.06.006.44298
    NVIDIA Display Control Panel	NVIDIA Corporation	11.11.2010		6.14.12.5896
    NVIDIA Drivers	NVIDIA Corporation	11.11.2010	63,0MB	1.10.62.40
    NVIDIA PhysX	NVIDIA Corporation	09.06.2012	79,8MB	9.10.0129
    Papierstau-Handbuch ALC1100		11.11.2010		
    PC Connectivity Solution	Nokia	08.03.2011	19,7MB	10.50.2.0
    PIXMA Extended Survey Program		11.11.2010		
    PowerRoute 9 professional	G DATA Software AG	20.02.2011		10.6
    ProtectDisc Driver, Version 11	ProtectDisc Software GmbH	09.06.2012		11.0.0.14
    Realtek Ethernet Controller Driver For Windows 7	Realtek	09.11.2010		7.17.304.2010
    Referenzhandbuch ALC1100		11.11.2010		
    Skype™ 5.9	Skype Technologies S.A.	03.06.2012	19,3MB	5.9.115
    Windows Live Essentials	Microsoft Corporation	22.05.2012		15.4.3555.0308
    Windows Mobile-Gerätecenter	Microsoft Corporation	11.11.2010	27,4MB	6.1.6965.0
    Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	08.03.2011		08/22/2008 7.0.0.0
    WinZip 14.5	WinZip Computing, S.L. 	11.11.2010	19,9MB	14.5.9095
    Danke für deine Hilfe...

  4. #4
    Moderator Avatar von kira
    Registriert seit
    04.02.2012
    Ort
    Wien - Sprachen: Deutsch-Ungarisch
    Beiträge
    9.744
    Systemreinigung und Prüfung:

    1.
    Deine eigenen Einstellungen, sofern Du welche vorgenommen hast bzw bekannte Einstellung?:
    Code:
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = *****S**@t-online.de
    2.
    Achtung wichtig!:
    Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
    (Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
    Fixen mit OTL
    • Starte die OTL.exe.
    • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
    • Kopiere folgendes Skript (unverändert - also beginnend :OTL bis zur letzten Zeile [emptytemp] (ohne "code"!):
    Code:
    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7WZPC_de
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6PQCA8V1eR&i=26
    IE - HKU\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    [2012.06.19 08:54:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
    [2012.06.19 08:54:46 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012.06.19 08:54:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
    [2012.06.19 08:54:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
    [2012.06.19 08:54:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
    O4:64bit: - HKLM..\Run: []  File not found
    O4 - HKU\S-1-5-21-944106507-3691109379-2109958795-1000..\Run: []  File not found
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    [2012.07.06 14:23:44 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012.07.06 13:09:02 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    @Alternate Data Stream - 188 bytes -> D:\Eigene Dateien\Desktop\Paris_1.jpeg:3or4kl4x13tuuug3Byamue2s4b
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [purity]
    [emptytemp]
    • und füge es hier ein:
    • Schließe alle Programme.
    • Klicke auf den Fix Button.
    • Klick auf .
    • OTL verlangt einen Neustart. Bitte zulassen.
    • Nach dem Neustart findest Du ein Textdokument.
      Kopiere den Inhalt hier in Code-Tags in Deinen Thread.


    3.
    Öffne CCleaner - Anleitung CCleaner
    • "Cleaner"->"Analysieren"-> Klick auf den Button "Start CCleaner"
    • "Registry""Fehler suchen"-> "Fehler beheben"->"Alle beheben"
    • Starte dein System neu auf


    4.
    Tipps (unabhängig davon ob man ihn benutzt oder nicht, muss gepflegt werden!):
    -> Tipps zu Internet Explorer
    -> Standard Suchmaschine des Explorers ändern
    -> Ändern oder Auswählen eines Suchanbieters in Internet Explorer 7/8
    -> Wie kann ich den Cache im Internet Explorer leeren?

    5.
    Malware-Scan mit Emsisoft Anti-Malware 5.0

    Ohne Hintergrundwächter durchsucht Emsisoft Anti-Malware 5.0 den Computer auf Befall von Trojanern, Spyware, Adware, Würmern, Keyloggern, Rootkits, Dialern und anderen schädlichen Programmen. Das Programm ist geeignet für für Windows 98, ME, 2000, XP, 2003 Server und Vista.

    Lade die Gratisversion von => Emsisoft Anti-Malware 5.0 herunter und installiere das Programm.
    Lade über Jetzt Updaten die aktuellen Signaturen herunter.
    Wähle den Freeware-Modus aus.

    Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
    Am Ende des Scans alle Funde markieren und über den Button Ausgewählte in Quarantäne schicken.
    Über den Button Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten

    6.
    erneut einen Scan mit OTL: - ältere Logdateien löschen!
    • Doppelklick auf die OTL.exe
    • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
    • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
    • Unter Extra Registry, wähle bitte Use SafeList
    • Klicke nun auf Run Scan links oben
    • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und extra.txt
    • Poste die Logfiles in Code-Tags hier in den Thread.

    ** Die Logs von OTL meistens sind zu lang, kannst auch als Textdatei anhängen (auf "Erweitert") klicken

    ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

    Warnung!:
    Vorsicht geboten bei Rechnung/Mahnung per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!

  5. #5
    Einsteiger
    Registriert seit
    06.07.2012
    Beiträge
    5
    Also, ich habe den Fix durchgeführt, danach kam das heraus:
    Code:
    All processes killed
    ========== OTL ==========
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    HKU\S-1-5-21-944106507-3691109379-2109958795-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
    HKEY_USERS\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
    Registry key HKEY_USERS\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
    Registry key HKEY_USERS\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
    HKU\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
    C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll moved successfully.
    Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
    File C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll not found.
    C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml moved successfully.
    C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
    C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml moved successfully.
    C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml moved successfully.
    C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-21-944106507-3691109379-2109958795-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
    Unable to delete ADS D:\Eigene Dateien\Desktop\Paris_1.jpeg:3or4kl4x13tuuug3Byamue2s4b .
    ========== FILES ==========
    < ipconfig /flushdns /c >
    Windows-IP-Konfiguration
    Der DNS-Aufl”sungscache wurde geleert.
    D:\Eigene Dateien\Desktop\cmd.bat deleted successfully.
    D:\Eigene Dateien\Desktop\cmd.txt deleted successfully.
    ========== COMMANDS ==========
     
    [EMPTYTEMP]
     
    User: All Users
     
    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
     
    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
     
    User: ***
    ->Temp folder emptied: 102540719 bytes
    ->Temporary Internet Files folder emptied: 1291982 bytes
    ->Java cache emptied: 473916 bytes
    ->FireFox cache emptied: 383531881 bytes
    ->Flash cache emptied: 506 bytes
     
    User: Public
     
    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 2638268 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
    RecycleBin emptied: 0 bytes
     
    Total Files Cleaned = 468,00 mb
     
     
    OTL by OldTimer - Version 3.2.53.1 log created on 07092012_193507
    
    Files\Folders moved on Reboot...
    C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    
    PendingFileRenameOperations files...
    File C:\Users\***\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
    
    Registry entries deleted on Reboot...
    Anschließend CCleaner angewendet, Emsisoft funktioniert bei Win7 nicht, daher Scan mit Malwarebytes (nix gefunden)
    Nochmal Scan mit OTL.
    OTL.txt:
    Code:
    OTL logfile created on: 09.07.2012 19:47:32 - Run 3
    OTL by OldTimer - Version 3.2.53.1     Folder = D:\Eigene Dateien\Desktop
    64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    7,99 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 80,54% Memory free
    15,98 Gb Paging File | 14,23 Gb Available in Paging File | 89,05% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 78,03 Gb Total Space | 23,14 Gb Free Space | 29,66% Space Free | Partition Type: NTFS
    Drive D: | 387,64 Gb Total Space | 318,17 Gb Free Space | 82,08% Space Free | Partition Type: NTFS
    Drive F: | 1397,26 Gb Total Space | 1043,64 Gb Free Space | 74,69% Space Free | Partition Type: NTFS
    Drive G: | 14,92 Gb Total Space | 5,47 Gb Free Space | 36,65% Space Free | Partition Type: FAT32
     
    Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - D:\Eigene Dateien\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Programme\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
    PRC - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
    PRC - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
    PRC - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
    PRC - C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe ()
    PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
    PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Nokia)
    PRC - C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.)
    PRC - C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe (Sanford, L.P.)
    PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
    PRC - C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
    PRC - C:\Program Files (x86)\Common Files\ACD Systems\DE\DevDetect.exe (ACD Systems International Inc.)
    PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
    PRC - C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
    PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\plugins\nps.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXmlPatterns4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtCore4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtNetwork4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qjpeg4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\imageformats\qgif4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtWebKit4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtGui4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtDeclarative4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtScript4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtOpenGL4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtXml4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\phonon4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\QtSql4.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Maps Service API.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\OviShareLib.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\noaipcclient.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\wrtserviceipcclient.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\CommonUpdateChecker.dll ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\nokiaaserver.exe ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\wrtserviceipcserver.dll ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\qtsecurestorage.dll ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\cryptodll.dll ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\qtsecurestorageserver.dll ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\QtGui4.dll ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\QtNetwork4.dll ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\QtXml4.dll ()
    MOD - C:\Program Files (x86)\Common Files\Nokia\NoA\QtCore4.dll ()
    MOD - C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll ()
    MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
    MOD - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\zlib1.dll ()
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV:64bit: - (WTService) -- C:\Windows\SysNative\atwtusb.exe ()
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
    SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
    SRV - (ekrn) -- C:\Programme\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
    SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
    SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
    SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)
    SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
    SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
    SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
    DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
    DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
    DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
    DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
    DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
    DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
    DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
    DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
    DRV:64bit: - (acedrv11) -- C:\Windows\SysNative\drivers\acedrv11.sys (Protect Software GmbH)
    DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
    DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
    DRV:64bit: - (vhidmini) -- C:\Windows\SysNative\drivers\walvhid.sys (Windows (R) Win 7 DDK provider)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
    DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
    DRV:64bit: - (VMUVC) -- C:\Windows\SysNative\drivers\vmuvc.sys (Vimicro Corporation)
    DRV:64bit: - (moufiltr) -- C:\Windows\SysNative\drivers\moufiltr.sys (Windows (R) Codename Longhorn DDK provider)
    DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
    DRV:64bit: - (vvftUVC) -- C:\Windows\SysNative\drivers\vvftUVC.sys (Vimicro Corporation)
    DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
    DRV:64bit: - (PID_PEPI) Logitech QuickCam IM(PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.)
    DRV:64bit: - (lvpepf64) -- C:\Windows\SysNative\drivers\lv302a64.sys (Logitech Inc.)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = 
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A EC 4C CA 19 5C CD 01  [binary data]
    IE - HKCU\..\SearchScopes,DefaultScope = 
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = *****S**@t-online.de
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.search.defaultenginename: "www.google.de"
    FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "about:home"
    FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.8
    FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
    FF - prefs.js..keyword.URL: "www.google.de"
     
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
     
    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.03.08 16:09:20 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.07 10:27:17 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.27 13:38:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.03.08 16:09:20 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.07.06 10:16:30 | 000,000,000 | ---D | M]
     
    [2010.11.09 18:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
    [2012.07.06 00:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\9uniihas.default\extensions
    [2012.07.07 10:27:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
    [2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
     
    O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
    O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
    O4:64bit: - HKLM..\Run: [MacroKeyManager] C:\Windows\SysNative\WTMKM.exe ()
    O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
    O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [DLSService] C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe (Sanford, L.P.)
    O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
    O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
    O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
    O4 - HKCU..\Run: [Device Detector] DevDetect.exe -autorun File not found
    O4 - HKCU..\Run: [DymoQuickPrint] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe (Sanford, L.P.)
    O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
    O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
    O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FE05FAD7-1FCD-4ADF-ACD7-EA876285B38B}: DhcpNameServer = 192.168.2.1
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2012.07.07 10:27:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2012.07.06 14:45:29 | 000,595,968 | ---- | C] (OldTimer Tools) -- D:\Eigene Dateien\Desktop\OTL.exe
    [2012.07.06 14:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    [2012.07.06 14:29:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
    [2012.07.06 11:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
    [2012.07.06 11:54:10 | 002,322,184 | ---- | C] (ESET) -- D:\Eigene Dateien\Desktop\esetsmartinstaller_enu.exe
    [2012.07.06 10:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
    [2012.07.06 10:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
    [2012.07.06 10:16:23 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012.07.06 08:18:41 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
    [2012.07.06 08:18:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012.07.06 08:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012.07.06 08:18:30 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2012.07.06 08:18:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012.07.06 00:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Premium
    [2012.07.06 00:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
    [2012.07.03 13:03:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{0B10CEB9-F2FC-4B10-9770-11023DC985AB}
    [2012.07.03 13:03:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{250FD9DF-65CC-41C4-BB16-5A0C5CF30040}
    [2012.06.28 17:46:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{E6A4386D-89F1-4A5F-B414-6C37BE722011}
    [2012.06.28 17:46:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{7FD9D8C6-0060-42AF-BF25-81064790555C}
    [2012.06.27 17:02:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{2C12FFF5-24BE-4C43-84A3-BAE7017592D8}
    [2012.06.27 17:01:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{EBD05ADB-1EE5-444D-83E4-99D9FE589B52}
    [2012.06.27 13:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
    [2012.06.27 13:38:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
    [2012.06.21 21:03:27 | 000,000,000 | R--D | C] -- C:\Users\***\.jenny
    [2012.06.21 21:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2012.06.21 21:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2012.06.21 21:00:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
    [2012.06.21 21:00:33 | 000,772,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
    [2012.06.21 21:00:33 | 000,687,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
    [2012.06.21 21:00:33 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
    [2012.06.21 21:00:26 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2012.06.21 21:00:26 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2012.06.21 21:00:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
    [2012.06.19 14:28:29 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
    [2012.06.19 14:28:29 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
    [2012.06.19 14:28:29 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
    [2012.06.19 14:28:18 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
    [2012.06.19 14:28:18 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
    [2012.06.19 14:28:18 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
    [2012.06.19 14:28:07 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
    [2012.06.19 14:28:07 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
    [2012.06.14 08:36:01 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2012.06.14 08:36:01 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2012.06.14 08:35:52 | 000,736,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2012.06.14 08:35:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
    [2012.06.14 08:35:51 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
    [2012.06.14 08:35:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
    [2012.06.14 08:35:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
    [2012.06.14 08:35:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2012.06.14 08:35:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2012.06.14 08:35:49 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
    [2012.06.14 08:35:49 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
    [2012.06.14 08:35:49 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
    [2012.06.14 08:35:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
    [2012.06.14 08:35:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
    [2012.06.14 08:35:48 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
    [2012.06.14 08:35:48 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
    [2012.06.14 08:35:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
    [2012.06.14 08:34:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
    [2012.06.14 08:34:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
    [2012.06.14 08:34:55 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
    [2012.06.14 08:34:40 | 003,213,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
    [2012.06.14 08:34:30 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
    [2012.06.14 08:34:29 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
    [2012.06.12 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Macromedia
     
    ========== Files - Modified Within 30 Days ==========
     
    [2012.07.09 19:44:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012.07.09 19:44:13 | 2140,741,631 | -HS- | M] () -- C:\hiberfil.sys
    [2012.07.09 19:43:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012.07.09 19:43:22 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012.07.09 19:43:08 | 000,059,804 | ---- | M] () -- D:\Eigene Dateien\Eigene Dokumente\cc_20120709_194258.reg
    [2012.07.09 10:42:56 | 001,637,910 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012.07.09 10:42:56 | 000,703,230 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
    [2012.07.09 10:42:56 | 000,665,112 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012.07.09 10:42:56 | 000,148,996 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
    [2012.07.09 10:42:56 | 000,125,386 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012.07.07 10:27:20 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012.07.06 14:45:34 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Eigene Dateien\Desktop\OTL.exe
    [2012.07.06 14:29:10 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012.07.06 11:54:20 | 002,322,184 | ---- | M] (ESET) -- D:\Eigene Dateien\Desktop\esetsmartinstaller_enu.exe
    [2012.07.06 08:18:35 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.07.06 00:16:02 | 000,000,454 | ---- | M] () -- C:\user.js
    [2012.07.04 15:22:46 | 000,032,421 | ---- | M] () -- C:\Users\***\AppData\Local\recently-used.xbel
    [2012.07.02 12:24:30 | 000,036,190 | ---- | M] () -- D:\Eigene Dateien\Desktop\Sims_Profil2.jpg
    [2012.07.02 10:36:23 | 000,036,239 | ---- | M] () -- D:\Eigene Dateien\Desktop\Sims_Profil.jpg
    [2012.06.27 13:38:52 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2012.06.27 13:32:43 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2012.06.27 13:32:43 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012.06.27 13:29:54 | 000,010,296 | ---- | M] () -- D:\Eigene Dateien\Desktop\bookmarks.html
    [2012.06.27 09:44:56 | 000,008,828 | ---- | M] () -- D:\Eigene Dateien\Desktop\Highland Glen Lodges.jpg
    [2012.06.21 21:00:19 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2012.06.21 21:00:19 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2012.06.10 21:29:35 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000017B6.LCS
     
    ========== Files Created - No Company Name ==========
     
    [2012.07.09 19:43:03 | 000,059,804 | ---- | C] () -- D:\Eigene Dateien\Eigene Dokumente\cc_20120709_194258.reg
    [2012.07.07 10:27:20 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2012.07.07 10:27:20 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012.07.06 14:29:10 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2012.07.06 08:18:35 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012.07.06 00:16:02 | 000,000,454 | ---- | C] () -- C:\user.js
    [2012.07.04 15:22:46 | 000,032,421 | ---- | C] () -- C:\Users\***\AppData\Local\recently-used.xbel
    [2012.07.02 12:24:30 | 000,036,190 | ---- | C] () -- D:\Eigene Dateien\Desktop\Sims_Profil2.jpg
    [2012.07.02 10:36:23 | 000,036,239 | ---- | C] () -- D:\Eigene Dateien\Desktop\Sims_Profil.jpg
    [2012.06.27 13:38:52 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
    [2012.06.27 13:38:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    [2012.06.27 13:29:54 | 000,010,296 | ---- | C] () -- D:\Eigene Dateien\Desktop\bookmarks.html
    [2012.06.27 09:44:55 | 000,008,828 | ---- | C] () -- D:\Eigene Dateien\Desktop\Highland Glen Lodges.jpg
    [2010.12.22 16:14:35 | 000,000,027 | ---- | C] () -- C:\Users\***\AppData\Local\settings.ini
    [2010.11.14 12:54:23 | 000,008,229 | ---- | C] () -- C:\Windows\aiptbl.ini
    [2010.11.12 16:28:11 | 000,004,176 | ---- | C] () -- C:\Windows\SysWow64\Hpi_icon.dll
    [2010.11.12 15:36:42 | 000,003,584 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2010.11.11 16:46:47 | 001,659,496 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
    [2010.11.11 13:29:07 | 000,000,035 | ---- | C] () -- C:\Windows\iltwain.ini
    [2010.11.11 13:24:56 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\DYMOCFG.DLL
    [2010.11.11 12:32:08 | 000,000,025 | ---- | C] () -- C:\Windows\CDEALC1100Euro.ini
    [2010.11.09 18:12:52 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 188 bytes -> D:\Eigene Dateien\Desktop\Paris_1.jpeg:3or4kl4x13tuuug3Byamue2s4b
    
    < End of report >
    Extra.txt:
    Code:
    OTL Extras logfile created on: 09.07.2012 19:47:32 - Run 3
    OTL by OldTimer - Version 3.2.53.1     Folder = D:\Eigene Dateien\Desktop
    64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    7,99 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 80,54% Memory free
    15,98 Gb Paging File | 14,23 Gb Available in Paging File | 89,05% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 78,03 Gb Total Space | 23,14 Gb Free Space | 29,66% Space Free | Partition Type: NTFS
    Drive D: | 387,64 Gb Total Space | 318,17 Gb Free Space | 82,08% Space Free | Partition Type: NTFS
    Drive F: | 1397,26 Gb Total Space | 1043,64 Gb Free Space | 74,69% Space Free | Partition Type: NTFS
    Drive G: | 14,92 Gb Total Space | 5,47 Gb Free Space | 36,65% Space Free | Partition Type: FAT32
     
    Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [ACDSee Pro 3.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [ACDSee Pro 3.Manage] -- "C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{00C403AA-EC42-44E9-91D0-45CF9349C731}" = rport=139 | protocol=6 | dir=out | app=system | 
    "{07B50F29-5708-46F3-9321-338F680266C7}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{1357EFFE-E0F5-4DB6-B073-0500CCB9F218}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{15794840-87E2-4C0A-9C53-20576DFE023C}" = rport=137 | protocol=17 | dir=out | app=system | 
    "{1FC2B803-B126-4B4C-A0E2-666619BE60D0}" = lport=139 | protocol=6 | dir=in | app=system | 
    "{28E962D6-22DA-4DB4-8FD0-87512515AAFC}" = rport=138 | protocol=17 | dir=out | app=system | 
    "{2EA5C65C-560F-40FC-88B7-B3058857F03A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{322A91E9-19BF-42C2-A176-8A3187E9B9A7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
    "{3DA615D5-4E24-4BBB-9F35-130EA0F98E01}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{52FE63A5-E8C1-4C3B-BFEF-DA2538BD7493}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
    "{60F0B434-BF75-4F12-836E-7C2444A853AB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{6A76E232-5EFD-4E37-A28F-F53C646E2812}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{79982198-3362-4CF9-A7E2-5B176E93D371}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{8127EEBE-C2AE-485F-8421-42EC6C0E4308}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{89A7BFE5-6146-4437-A667-2E7709EE7660}" = rport=445 | protocol=6 | dir=out | app=system | 
    "{907A6046-EE73-4186-8186-5B41BC4D33F5}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
    "{91B08F58-7D31-4D62-98C9-81087810F365}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{970DFF41-124A-4A1E-B185-6B046774BEAE}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
    "{97D9C581-F8A6-44F9-9E95-CCC9F37E3567}" = lport=10243 | protocol=6 | dir=in | app=system | 
    "{98AF4C72-F194-4464-9FBD-39F6913078EE}" = lport=137 | protocol=17 | dir=in | app=system | 
    "{A08E047E-2481-4832-AC83-C372C705B851}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
    "{A1FA19AF-6BCF-4D95-93DB-1C966A5A8F2E}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{A6835C48-F9EF-40EF-A4A9-8583B3135AFB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
    "{AB489CE7-C853-44D3-8B23-1B5CAC1F1B26}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{AF09325F-2896-43FE-8DD3-4558D0A0F69A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
    "{AF744603-E579-4B0B-BEB6-ECAA72FB21F5}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
    "{B38DB74D-C628-4266-A969-77DE60615287}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
    "{BBB8FF19-518E-487A-A315-1B2BD1AB977A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
    "{BE797392-B10F-4CAB-A0FF-8A7AFB482578}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
    "{D2701B41-B6DE-4DB3-AA24-290C356FEDC2}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
    "{DA7905C0-F66F-4BFD-93C9-2E090B3AB676}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
    "{DC700F01-2118-4DBD-A6C6-1AAA512D96BB}" = rport=10243 | protocol=6 | dir=out | app=system | 
    "{E2DDC9A6-4608-43F2-BB2F-C941C9A760CF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
    "{F2C3D023-4AD6-4E5B-B1D7-A0195894A0A5}" = lport=138 | protocol=17 | dir=in | app=system | 
    "{F50D63D5-AE39-448F-A2A4-27E3CB6CC6C5}" = lport=445 | protocol=6 | dir=in | app=system | 
    "{FBB34615-80D5-416E-8A50-C8D95A496559}" = lport=2869 | protocol=6 | dir=in | app=system | 
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0563ED24-A1A2-47F2-9C49-634581493E2B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
    "{05772B82-160B-4553-86ED-D113E84BBBFD}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
    "{0710BB98-7FCC-4149-89D4-988C047CA27A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
    "{0C6CB35A-B8DD-4895-8C0B-33F6D2D94C21}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
    "{1FC27CEA-ACCC-4629-8463-2D0DAEA63BD6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{21B41488-3F30-457E-B21A-080DCD5839E2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{37C27EB1-847E-49BC-B745-A31C7F404C41}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{38CFA78B-6357-45E6-8603-24D1EE7B82C9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{38E51159-EF45-44CE-9D9D-AB3F756B993E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
    "{3C223EC1-94F9-4A3A-8CC8-F530A3866029}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{4C5C2758-4972-4947-A3B1-14263BED2A50}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
    "{5383A9C9-A76E-499E-82F0-6FFD8B56C138}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
    "{5B3B8076-25B3-4D8A-B1F1-5911E83FF432}" = dir=in | app=c:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe | 
    "{7BA08940-4030-4E44-88D8-8A9D1A5A2E2E}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{84A53541-3BA5-45AB-9ACC-43B09B1AC7D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
    "{94487BB8-A073-41AA-8F05-0464157A45B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{9C374F0E-E19A-4033-AE9D-2F5B6D91E51B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
    "{9D11BECC-00E3-44AF-B737-32257691DA4F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{9F5ECBE4-876D-470E-880F-DD9F3CA2EFFE}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "{9FADFDD8-9998-4AF3-848E-167F3C996C8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{A3F77164-B8F5-428C-9C38-6C61F3BA3EAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
    "{AB18AC53-C52E-428B-8FF3-8E164971B9A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
    "{AF6D3C28-517C-49E4-BE9B-601255BDAFE5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{B557C742-7433-4A58-9987-72F4D958D17D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
    "{BD1C4CA3-3AF7-470B-B113-09B96E384BE7}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe | 
    "{BD3192BE-E687-4F11-BEE3-EF20219FF10F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
    "{CFDB0B27-A22E-4BAD-8D4C-45F0539A2532}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
    "{D0228A9B-1E7C-42F9-A8B5-7F666BC9B2A2}" = protocol=6 | dir=out | app=system | 
    "{DC6838DB-0797-4BE4-B5B9-E17A92643368}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
    "{DCA6059D-1D9C-425D-AA2E-26587D90D5E0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
    "{E81AFB11-2946-473A-8DCC-DF70826F7D0D}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
    "{E948E595-4757-4297-8186-A6899920CEA6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
    "{F3B93AC9-D57D-4D5E-9B84-A1220080CEB9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
    "TCP Query User{DA4BA0C1-E818-4794-836E-1D3425EEAE63}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
    "TCP Query User{EFC60D56-8D19-4154-8E85-2EC689BB086E}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
    "UDP Query User{213E2E0C-BEA1-4E37-A131-C162F80DDDC7}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
    "UDP Query User{573BFC05-DEA2-46C1-96AC-04C0E4B73154}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe | 
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4500_series" = Canon iP4500 series
    "{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
    "{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
    "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
    "{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
    "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
    "{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
    "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
    "{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
    "{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
    "{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
    "{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
    "{E9641237-252F-467E-88FB-5CAB9E42583E}" = ESET NOD32 Antivirus
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
    "CanonMyPrinter" = Canon My Printer
    "CCleaner" = CCleaner
    "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
    "GIMP-2_is1" = GIMP 2.6.12
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "Microsoft Security Client" = Microsoft Security Essentials
    "NVIDIA Display Control Panel" = NVIDIA Display Control Panel
    "NVIDIA Drivers" = NVIDIA Drivers
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{1B280FAF-AE10-4E31-A41A-DB3917D651DC}" = ACDSee Pro 3
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
    "{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
    "{28191B83-1D60-44B6-9B08-E854EF6632D5}" = Ovi Desktop Sync Engine
    "{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (ACCUCHEK360)
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
    "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
    "{3AF6EF15-5841-4FF8-A3FC-5B2400AB9145}" = Borland Data Engine
    "{3FC42713-B6E7-49AA-A553-A224FE9828A8}" = Nokia Ovi Suite
    "{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4D568C38-0552-4CDD-A643-01FAFA2957EF}" = Nokia Software Updater
    "{4F14BDF7-CA80-454D-A0FE-518755724151}" = b-PAC 3.0 Client Component
    "{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
    "{556F2137-B772-43BB-9A45-E0275234DD16}" = Free Notes & Office Ink
    "{67B9AF41-C0B9-4960-84D9-A61D23DE85D8}" = Garmin Trip and Waypoint Manager v4
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{71A51A91-E7D3-11DB-A386-005056C00008}" = Digital microscope
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{86115432-4810-4FB4-94B5-0BD65A3DD49A}" = PowerRoute 9 professional
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
    "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
    "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
    "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
    "{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
    "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
    "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
    "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0407-1000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
    "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
    "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{90849E84-F026-4638-A184-E6FCFD472C34}" = Brother Software
    "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
    "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5
    "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
    "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
    "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
    "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
    "{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
    "{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
    "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
    "{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
    "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
    "{FB46F473-333E-4A06-A777-31C54188593E}" = ArcSoft MediaImpression 2
    "{FE5ED0AC-BCC8-482A-8B08-AA11D5F00152}" = Epson Event Manager
    "7-Zip" = 7-Zip 9.20
    "ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Canon iP4500 series Benutzerregistrierung" = Canon iP4500 series Benutzerregistrierung
    "CANONIJPLM100" = PIXMA Extended Survey Program
    "CanonSolutionMenu" = Canon Utilities Solution Menu
    "DYMO Label v.8" = DYMO Label v.8
    "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
    "EPSON Perfection V33_V330 Manual" = EPSON Perfection V33/V330 Handbuch
    "EPSON Scanner" = EPSON Scan
    "ESET Online Scanner" = ESET Online Scanner v3
    "InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}" = MacroKey Manager
    "InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}" = Brother P-touch Editor 5.0
    "JekyllHyde" = Jekyll&Hyde
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
    "MediaNavigation.CDLabelPrint" = CD-LabelPrint
    "Microsoft SQL Server 2005" = Microsoft SQL Server 2005
    "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Nokia Ovi Suite" = Nokia Ovi Suite
    "Papierstau-Handbuch ALC1100" = Papierstau-Handbuch ALC1100
    "PROHYBRIDR" = 2007 Microsoft Office system
    "ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
    "Referenzhandbuch ALC1100" = Referenzhandbuch ALC1100
    "WinLiveSuite" = Windows Live Essentials
     
    ========== HKEY_CURRENT_USER Uninstall List ==========
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 17.05.2012 05:41:24 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2468 => 2502, 5620).
     
    Error - 17.05.2012 05:41:26 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2737 => 1930, 5625).
     
    Error - 17.05.2012 05:42:27 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2737 => 1930, 5625).
     
    Error - 17.05.2012 05:42:33 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2468 => 2502, 5620).
     
    Error - 17.05.2012 05:44:33 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2468 => 2502, 5620).
     
    Error - 17.05.2012 05:44:34 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2468 => 2502, 5620).
     
    Error - 17.05.2012 05:44:35 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2737 => 1930, 5625).
     
    Error - 17.05.2012 05:44:48 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2468 => 2502, 5620).
     
    Error - 17.05.2012 05:44:48 | Computer Name = ***-PC | Source = ESENT | ID = 447
    Description = Catalog Database (1152) Catalog Database: Ungültige Seitenverknüpfung
     (Fehler -327) in B-Struktur (Objekt-Id: 8, PgnoRoot: 35) von Datenbank C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
     (2468 => 2502, 5620).
     
    Error - 17.05.2012 15:37:53 | Computer Name = ***-PC | Source = RasClient | ID = 20227
    Description = 
     
    [ System Events ]
    Error - 21.11.2011 12:40:04 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installationsfehler: Die Installation des folgenden Updates ist mit
     Fehler 0x80070490 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
     Systeme (KB2617657)
     
    Error - 21.11.2011 12:40:27 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installationsfehler: Die Installation des folgenden Updates ist mit
     Fehler 0x80070490 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
     Systeme (KB2617657)
     
    Error - 21.11.2011 15:18:49 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009
    Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
     ABBYY FineReader 9.0 Sprint Licensing Service erreicht.
     
    Error - 21.11.2011 15:32:51 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installationsfehler: Die Installation des folgenden Updates ist mit
     Fehler 0x80070490 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
     Systeme (KB2617657)
     
    Error - 22.11.2011 04:57:58 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installationsfehler: Die Installation des folgenden Updates ist mit
     Fehler 0x80070490 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
     Systeme (KB2617657)
     
    Error - 22.11.2011 11:40:01 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installationsfehler: Die Installation des folgenden Updates ist mit
     Fehler 0x80070490 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
     Systeme (KB2617657)
     
    Error - 23.11.2011 10:44:59 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7043
    Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
     nicht richtig heruntergefahren werden.
     
    Error - 23.11.2011 10:56:23 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installationsfehler: Die Installation des folgenden Updates ist mit
     Fehler 0x80070490 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
     Systeme (KB2617657)
     
    Error - 23.11.2011 11:28:03 | Computer Name = ***-PC | Source = Microsoft Antimalware | ID = 3002
    Description = Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt
    
    	Feature:
     %%835     Fehlercode: 0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Grund: %%842
     
    Error - 23.11.2011 11:33:45 | Computer Name = ***-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installationsfehler: Die Installation des folgenden Updates ist mit
     Fehler 0x80070490 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
     Systeme (KB2617657)
     
     
    < End of report >
    Probleme gibt's eigentlich keine, außer, dass in der about:config meines Firefox immer noch incredibar auftaucht.

  6. #6
    Moderator Avatar von kira
    Registriert seit
    04.02.2012
    Ort
    Wien - Sprachen: Deutsch-Ungarisch
    Beiträge
    9.744
    1.
    • Download AdwCleaner by Xplode auf dem Desktop
    • Starte AdwCleaner und klicke auf Search
    • Nach einiger zeit öffnet sich ein Logfile (C:\ AdwCleaner[xx].txt
    • Poste dessen Inhalt hier ins Forum


    2.
    • Schliesse alle offenstehende Fenster und starte AdwCleaner
    • Klicke auf Delete
    • Klicke bei: AdwCleaner-Information OK
    • Klicke bei: AdwCleaner-Restart Required OK
    • Alle ikone verschwinden vom Desktop, das ist normal
    • Dein Rechner wird jetzt neu gestartet und es öffnet ein Log (C:\ AdwCleaner[xx].txt poste dessen Inhalt hier ins Forum
    • Wenn die Startseite infiziert war, stelle sie neu ein auf Google.de oder nach deine Wahl
      Notice:
      Dieses Tool kommt aus Frankreich daher wird die Startseite auf Google.fr zurueck gesetzt

    Warnung!:
    Vorsicht geboten bei Rechnung/Mahnung per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!

  7. #7
    Einsteiger
    Registriert seit
    06.07.2012
    Beiträge
    5
    Hallo Kira,
    danke schonmal. Werde die Schritte nachher durchführen.
    Kommen denn die Icons wieder?
    Lieben Gruß!

  8. #8
    Moderator Avatar von kira
    Registriert seit
    04.02.2012
    Ort
    Wien - Sprachen: Deutsch-Ungarisch
    Beiträge
    9.744
    Zitat Zitat von Sally Beitrag anzeigen
    Kommen denn die Icons wieder?
    welche Icons?

    Warnung!:
    Vorsicht geboten bei Rechnung/Mahnung per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!

  9. #9
    Einsteiger
    Registriert seit
    06.07.2012
    Beiträge
    5
    Der Log für die erste Aktivität, die zweite möchte ich erst ausführen, wenn ich weiß, ob alle Icons wiederkommen.
    Code:
    # AdwCleaner v1.701 - Logfile created 07/11/2012 at 07:13:39
    # Updated 02/07/2012 by Xplode
    # Operating system : Windows 7 Home Premium  (64 bits)
    # User : **K** - **K**-PC
    # Running from : D:\Eigene Dateien\Desktop\adwcleaner.exe
    # Option [Search]
    
    
    ***** [Services] *****
    
    
    ***** [Files / Folders] *****
    
    
    ***** [Registry] *****
    
    Key Found : HKCU\Software\IM
    Key Found : HKCU\Software\ImInstaller
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
    Key Found : HKLM\SOFTWARE\Software
    Key Found : HKLM\SOFTWARE\Web Assistant
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
    [x64] Key Found : HKCU\Software\IM
    [x64] Key Found : HKCU\Software\ImInstaller
    [x64] Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
    [x64] Key Found : HKLM\SOFTWARE\Web Assistant
    [x64] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
    
    ***** [Registre - GUID] *****
    
    Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
    [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
    [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
    
    ***** [Internet Browsers] *****
    
    -\\ Internet Explorer v8.0.7600.16385
    
    [OK] Registry is clean.
    
    -\\ Mozilla Firefox v13.0.1 (de)
    
    Profile name : default 
    File : C:\Users\**K**\AppData\Roaming\Mozilla\Firefox\Profiles\9uniihas.default\prefs.js
    
    [OK] File is clean.
    
    *************************
    
    AdwCleaner[R1].txt - [2439 octets] - [11/07/2012 07:10:30]
    AdwCleaner[R2].txt - [2388 octets] - [11/07/2012 07:13:39]
    
    ########## EOF - C:\AdwCleaner[R2].txt - [2516 octets] ##########
    Hier der zweite Log:
    Code:
    # AdwCleaner v1.701 - Logfile created 07/11/2012 at 07:18:25
    # Updated 02/07/2012 by Xplode
    # Operating system : Windows 7 Home Premium  (64 bits)
    # User : **K** - **K**-PC
    # Running from : D:\Eigene Dateien\Desktop\adwcleaner.exe
    # Option [Delete]
    
    
    ***** [Services] *****
    
    
    ***** [Files / Folders] *****
    
    
    ***** [Registry] *****
    
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
    Key Deleted : HKLM\SOFTWARE\Software
    Key Deleted : HKLM\SOFTWARE\Web Assistant
    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
    [x64] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
    [x64] Key Deleted : HKLM\SOFTWARE\Web Assistant
    
    ***** [Registre - GUID] *****
    
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
    [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    
    ***** [Internet Browsers] *****
    
    -\\ Internet Explorer v8.0.7600.16385
    
    [OK] Registry is clean.
    
    -\\ Mozilla Firefox v13.0.1 (de)
    
    Profile name : default 
    File : C:\Users\**K**\AppData\Roaming\Mozilla\Firefox\Profiles\9uniihas.default\prefs.js
    
    C:\Users\**K**\AppData\Roaming\Mozilla\Firefox\Profiles\9uniihas.default\user.js ... Deleted !
    
    [OK] File is clean.
    
    *************************
    
    AdwCleaner[R1].txt - [2439 octets] - [11/07/2012 07:10:30]
    AdwCleaner[R2].txt - [2497 octets] - [11/07/2012 07:13:39]
    AdwCleaner[S1].txt - [2060 octets] - [11/07/2012 07:18:25]
    
    ########## EOF - C:\AdwCleaner[S1].txt - [2188 octets] ##########
    So, aus der about:config ist es auch raus... Herzlichen Dank!!
    Geändert von Sally (11.07.2012 um 06:25 Uhr) Grund: Falscher Log...

  10. #10
    Moderator Avatar von kira
    Registriert seit
    04.02.2012
    Ort
    Wien - Sprachen: Deutsch-Ungarisch
    Beiträge
    9.744
    sonst noch Probleme?

    Warnung!:
    Vorsicht geboten bei Rechnung/Mahnung per Email mit ZIP-Datei als Anhang! Kann mit einem Verschlüsselungs-Trojaner infiziert sein!
    Anhang nicht öffnen, in unserem Forum erst nachfragen!

    Bitte diese Warnung weitergeben, wo Du nur kannst!
    Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten!

Ähnliche Themen

  1. MyStart-IncrediBar
    Von Resingz im Forum Archiv
    Antworten: 2
    Letzter Beitrag: 24.10.2012, 16:19
  2. mystart.incredibar
    Von flockensteiner-212 im Forum Archiv
    Antworten: 7
    Letzter Beitrag: 24.10.2012, 16:17
  3. Mystart.Incredibar
    Von kuhamo im Forum Gelöst / Rechner bereinigt
    Antworten: 9
    Letzter Beitrag: 16.08.2012, 21:04
  4. Incredibar My Start - wie werde ich es wieder los?
    Von mat im Forum Unvollständig / Fehlendes Feedback
    Antworten: 27
    Letzter Beitrag: 16.08.2012, 08:42
  5. mystart.incredibar - Was tun?
    Von frank88 im Forum Gelöst / Rechner bereinigt
    Antworten: 15
    Letzter Beitrag: 19.07.2012, 14:36

Stichworte

Lesezeichen

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •  
G Data
forum.botfrei.de wird überprüft von der Initiative-S