Seite 1 von 3 123 LetzteLetzte
Ergebnis 1 bis 10 von 28

Thema: Mozilla Firefox hängt sich auf

  1. #1
    Einsteiger
    Registriert seit
    23.03.2011
    Beiträge
    17

    Mozilla Firefox hängt sich auf

    Hallo,

    habe folgende Probleme:

    1. Habe gestern abend den Firefox 4.0 installiert. Nach dem öffnen des Browsers hat sich dieser immer aufgehangen. Nach Deinstallation und Erneuter Installation ebenfalls. Daraufhin habe ich den 3.6er installiert, der vorher problemlos lief. Auch dieser lief im Anschluss daran nicht mehr.

    2. Habe immer mal wieder den f-secure-onlinescanner über den Rechner laufen lassen. Seit einer Woche zeigt er täglich 2,3 infizierte Dateien an. Gestern abend dann 6. NAch dem löschen dieser 6 Datein schafft es der Scan nicht mehr vollständig zu Ende zu laufen und hat eine Read-me Datei angelegt, im der er auf ein quarantäne Verzeichnis hinweist, dass er angelegt hat.


    Malware und spybot habe ich scannen lassen. Malware hat nichts gefunden, spybot 3-4 tracking cookies


    Ergebnisse des RSIT:

    Code:
    Logfile of random's system information tool 1.08 (written by random/random)
    Run by Tobstar at 2011-03-23 10:32:00
    Microsoft® Windows Vista™ Home Premium  Service Pack 2
    System drive C: has 209 GB (71%) free of 293 GB
    Total RAM: 3070 MB (62% free)
    
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:32:07, on 23.03.2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.19019)
    Boot mode: Normal
    
    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\ATK Hotkey\HControlUser.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFCE.EXE
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Users\Tobstar\Downloads\HiJackThis204.exe
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Users\Tobstar\Desktop\RSIT.exe
    C:\Program Files\trend micro\Tobstar.exe
    
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.packardbell.com/?id=9283
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll
    O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
    O3 - Toolbar: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll
    O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [Skytel] Skytel.exe
    O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
    O4 - HKLM\..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [FileHippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
    O4 - HKCU\..\Run: [EPSON SX410 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE /FU "C:\Windows\TEMP\E_SE071.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
    O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    
    --
    End of file - 11217 bytes
    
    ======Scheduled tasks folder======
    
    C:\Windows\tasks\Ad-Aware Update (Weekly).job
    C:\Windows\tasks\Erweiterte Garantie-Tobstar.job
    C:\Windows\tasks\Recovery DVD Creator-Tobstar.job
    
    ======Registry dump======
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
    ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-02-15 599544]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
    Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\Google\Google_BAE\BAE.dll [2006-11-09 98304]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02 41760]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}]
    ZoneAlarm-Sicherheit Toolbar - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll [2010-05-09 2517088]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
    {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - ZoneAlarm-Sicherheit Toolbar - C:\Program Files\ZoneAlarm-Sicherheit\tbZone.dll [2010-05-09 2517088]
    {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-02-15 599544]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-05-07 178712]
    "HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-11 98304]
    "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
    "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-06 1041704]
    "toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-02-20 28672]
    "Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
    "avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-01-13 3396624]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-10 932288]
    "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
    "ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2011-02-18 1043968]
    "ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-02-15 738808]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll"=C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll,DllRegisterServer []
    "B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll"=C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll,DllRegisterServer []
    "B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll"=C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll,DllRegisterServer []
    "B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll"=C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll,DllRegisterServer []
    "B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll"=C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll,DllRegisterServer []
    "B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll"=C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll,DllRegisterServer []
    "B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll"=C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll,DllRegisterServer []
    "B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll"=C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll,DllRegisterServer []
    "B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll"=C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll,DllRegisterServer []
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2008-02-04 1038136]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
    "FileHippo.com"=C:\Program Files\filehippo.com\UpdateChecker.exe [2010-08-09 248832]
    "EPSON SX410 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE [2008-10-02 199680]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-10 932288]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CarboniteSetupLite]
    C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe [2008-04-07 306112]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISW]
    C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-02-15 738808]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
    
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    
    C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDrives"=0
    "BindDirectlyToPropertySetStorage"=0
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    
    ======File associations======
    
    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*
    
    ======List of files/folders created in the last 1 months======
    
    2011-03-23 10:32:00 ----D---- C:\rsit
    2011-03-23 09:15:09 ----A---- C:\Windows\system32\DWrite.dll
    2011-03-23 09:15:08 ----A---- C:\Windows\system32\XpsGdiConverter.dll
    2011-03-23 09:15:08 ----A---- C:\Windows\system32\FntCache.dll
    2011-03-14 23:16:40 ----D---- C:\Users\Tobstar\AppData\Roaming\f-secure
    2011-03-10 22:30:43 ----A---- C:\Windows\system32\shsvcs.dll
    2011-03-08 20:59:29 ----A---- C:\Windows\system32\sbeio.dll
    2011-03-08 20:59:29 ----A---- C:\Windows\system32\sbe.dll
    2011-03-08 20:59:29 ----A---- C:\Windows\system32\EncDec.dll
    2011-03-08 20:59:27 ----A---- C:\Windows\system32\mstscax.dll
    2011-03-08 20:59:27 ----A---- C:\Windows\system32\mstsc.exe
    2011-03-01 23:38:25 ----RASH---- C:\MSDOS.SYS
    2011-03-01 23:38:25 ----RASH---- C:\IO.SYS
    
    ======List of files/folders modified in the last 1 months======
    
    2011-03-23 10:32:07 ----D---- C:\Program Files\Trend Micro
    2011-03-23 10:32:06 ----D---- C:\Windows\temp
    2011-03-23 10:26:00 ----D---- C:\Users\Tobstar\AppData\Roaming\Skype
    2011-03-23 10:25:22 ----D---- C:\Windows\Internet Logs
    2011-03-23 10:22:15 ----D---- C:\Users\Tobstar\AppData\Roaming\skypePM
    2011-03-23 10:12:35 ----D---- C:\Windows\rescache
    2011-03-23 09:57:25 ----D---- C:\Windows\prefetch
    2011-03-23 09:53:50 ----AD---- C:\Windows\System32
    2011-03-23 09:48:19 ----D---- C:\Windows
    2011-03-23 09:47:55 ----D---- C:\Program Files\Mozilla Firefox
    2011-03-23 09:31:59 ----SHD---- C:\System Volume Information
    2011-03-23 09:19:22 ----D---- C:\Windows\winsxs
    2011-03-23 09:12:31 ----D---- C:\Windows\system32\catroot2
    2011-03-23 09:12:31 ----D---- C:\Windows\system32\catroot
    2011-03-23 00:37:22 ----SHD---- C:\Windows\Installer
    2011-03-23 00:20:16 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2011-03-23 00:06:00 ----D---- C:\Program Files\Mozilla Firefox 3.6 Beta 2
    2011-03-22 16:57:09 ----D---- C:\Users\Tobstar\AppData\Roaming\ICQ
    2011-03-19 01:14:02 ----D---- C:\Windows\system32\LogFiles
    2011-03-17 09:25:21 ----D---- C:\Windows\Debug
    2011-03-12 10:33:51 ----D---- C:\Program Files\WinRAR
    2011-03-12 00:45:56 ----D---- C:\Users\Tobstar\AppData\Roaming\vlc
    2011-03-11 22:56:26 ----D---- C:\Windows\system32\WAH dir
    2011-03-09 00:01:08 ----A---- C:\Windows\system32\mrt.exe
    2011-03-09 00:01:05 ----D---- C:\ProgramData\Microsoft Help
    2011-03-08 10:07:15 ----D---- C:\Windows\inf
    2011-03-07 10:49:31 ----D---- C:\Windows\system32\ZoneLabs
    2011-03-07 10:44:25 ----D---- C:\Windows\system32\drivers
    2011-03-02 08:17:22 ----D---- C:\Program Files\CCleaner
    
    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-05-07 317976]
    R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
    R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
    R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 294608]
    R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
    R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 457304]
    R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
    R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
    R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-02-15 26872]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
    R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-06-10 3839488]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-13 2152344]
    R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]
    R3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2008-01-31 443904]
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-06-25 3662848]
    R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-05-29 146848]
    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-06 198960]
    R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
    S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
    S3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
    S3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
    S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
    S3 BTHUSB;USB-Treiber für Bluetooth-Sender; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
    S3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
    S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
    S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
    S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
    S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
    S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
    S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
    S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
    S3 vsdatant7;vsdatant7; C:\Windows\System32\drivers\vsdatant.win7.sys []
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
    
    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
    
    R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
    R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
    R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-06-10 692224]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-10 518696]
    R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-05-07 354840]
    R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-02-15 488952]
    R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-08-10 66872]
    R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-08-10 107832]
    R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2011-02-18 2435592]
    R2 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-07 647680]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-01-14 447784]
    S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\Windows\System32\svchost.exe [2008-01-21 21504]
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
    
    -----------------EOF-----------------

    und


    Code:
    info.txt logfile of random's system information tool 1.08 2011-03-23 10:32:10
    
    ======Uninstall list======
    
    -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL
    -->C:\Windows\UNNeroVision.exe /UNINSTALL
    -->C:\Windows\UNRecode.exe /UNINSTALL
    ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
    Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}
    Adobe Download Manager-->"C:\Program Files\NOS\bin\getPlusUninst_Adobe.exe" /Get1
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe -maintain activex
    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10n_Plugin.exe -maintain plugin
    Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
    Adobe Photoshop Elements 6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobePE6*
    Adobe Reader 8-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AdobeReader*
    Adobe Reader X (10.0.1)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA0000000001}
    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
    Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ATI Display Driver V8.510.0.0000-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *VGA*
    ATK Hotkey UTILITY V1.00.0037-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ATKHotkey*
    ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe -runfromtemp -l0x0007 -removeonly
    avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
    Browser Address Error Redirector-->regsvr32 /u /s "C:\Program Files\Google\Google_BAE\BAE.dll"
    Carbonite-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Carbonite*
    Catalyst Control Center - Branding-->MsiExec.exe /I{E3A5DDF7-17BD-43F1-9EBA-BB136EEB17DC}
    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
    Compatibility Pack für 2007 Office System-->MsiExec.exe /X{90120000-0020-0407-0000-0000000FF1CE}
    CutePDF Writer 2.8-->C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe
    Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}\SETUP.EXE -runfromtemp -l0x0007 UNINST -removeonly
    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
    Epson Stylus SX210_SX410_TX210_TX410 Handbuch-->C:\Program Files\EPSON\TPMANUAL\ESSX210_410_TX210_410\DEU\USE_G\DOCUNINS.EXE
    EPSON SX410 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSFCE.EXE /R /APD /P:"EPSON SX410 Series"
    FileHippo.com Update Checker-->"C:\Program Files\filehippo.com\uninstall.exe"
    Google BAE-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleBAE*
    Google Toolbar-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *GoogleToolbar*
    Hattrick Organizer (remove only)-->C:\Users\Tobstar\HattrickOrganizer\Uninstall.exe
    HDRegDE-->MsiExec.exe /I{D359B12F-9B1A-46FD-B70C-F507B5B11590}
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall  /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
    ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
    Infocentre Rev. 2.0.0.1-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Infocentre*
    Intel Wireless WiFi Link Adapters Ver12.0.0.82-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *WLAN*
    Intel(R) Matrix Storage Manager V8.2.0.1001-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *IMSM*
    Intel® Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
    ITECIR Vista Driver V5.0.4.6-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CIR*
    ITECIR-->C:\Program Files\InstallShield Installation Information\{40580068-9B10-40B5-9548-536CE88AB23C}\setup.exe -runfromtemp -l0x0007 -removeonly
    Java(TM) 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216023FF}
    Kaspersky Online Scanner-->C:\Windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Media Go-->MsiExec.exe /X{5178758D-BAF8-40BE-BC10-8D9EAE57273F}
    Metaboli-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *METABOLI*
    Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
    Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
    Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
    Microsoft .NET Framework 4 Client Profile DEU Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1031 /parameterfolder ClientLP
    Microsoft .NET Framework 4 Client Profile DEU Language Pack-->MsiExec.exe /X{F750C986-5310-3A5A-95F8-4EC71C8AC01C}
    Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
    Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
    Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
    Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
    Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
    Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
    Microsoft Office PowerPoint Viewer 2007 (German)-->MsiExec.exe /X{95120000-00AF-0407-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
    Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
    Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
    Microsoft Office Standard 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
    Microsoft Office Standard 2007-->MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
    Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Works 9-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *works9*
    Microsoft Works-->MsiExec.exe /I{39D0E034-1042-4905-BECB-5502909FCB7C}
    Microsoft® Office 2007-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *OFF2k7_GE*
    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Nero 8 Essentials-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Nero8*
    Nero 8 Essentials-->MsiExec.exe /X{980B9958-1239-4FC5-8C88-AC5650321031}
    Nero 9 Essentials-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe  REMOVESERIALNUMBER="x"
    Nero 9 Lite-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe  REMOVESERIALNUMBER="x"
    Nero BurnLite 10-->MsiExec.exe /I{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}
    Nero BurnLite 10-->MsiExec.exe /X{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}
    Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
    Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
    Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
    Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
    Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
    Nero Online Upgrade-->MsiExec.exe /X{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
    Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
    Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
    Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
    Packard Bell ImageWriter-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *ImageWriter*
    Packard Bell LCD Test-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LCDTest*
    Packard Bell Updator-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Updator*
    Packardbell EcoButton UTILITY V1.00.01-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *EcoButton*
    Packardbell_EcoBtn-->C:\Program Files\InstallShield Installation Information\{7DBCD0B0-F5E1-4072-9B68-EBF32B322756}\setup.exe -runfromtemp -l0x0009 -removeonly
    PlayStation(R)Network Downloader-->MsiExec.exe /X{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}
    PlayStation(R)Store-->MsiExec.exe /X{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}
    PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
    QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C}
    Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0007 -removeonly
    Realtek High Definition Audio Driver V6.0.1.5643-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *AUDIO*
    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
    Realtek PCI-E Gigabit Ethernet Driver V6.206.0502.2008-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *LAN*
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *RICOH*
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x7 anything
    SeaTools for Windows-->MsiExec.exe /I{98613C99-1399-416C-A07C-1EE1C585D872}
    Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
    Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
    Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
    Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
    Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
    Security Update for 2007 Microsoft Office System (KB2289158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {210B16C0-CEBD-4DE9-B474-04A7E8735E16}
    Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
    Security Update for 2007 Microsoft Office System (KB2344875)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}
    Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
    Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
    Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
    Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
    Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
    Security Update for Microsoft Office Excel 2007 (KB2345035)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B23002DD-34EC-4988-B810-A5E2A0BF04F1}
    Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
    Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
    Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
    Security Update for Microsoft Office PowerPoint Viewer (KB2413381)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3DED0A62-44C8-4E00-A785-5212F297A9D9}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
    Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
    Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
    SetUp My PC-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SETUPMYPC_DE*
    Sichern Sie Ihre Daten-->"C:\Program Files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" /preinstalled /uninstall
    Skype 3.6.2.248-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *SKYPE*
    Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Stronghold Legends-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66A405D2-BA14-4594-BF36-B3B544F0754E}\setup.exe" -l0x7  -removeonly
    Sweet Home 3D version 2.6-->"C:\Program Files\Sweet Home 3D\unins000.exe"
    Synaptics Pointing Device driver Ver11.0.4.0-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *TOUCHPAD*
    Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
    TBS WMP Plug-in-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{13515135-48BB-4184-8C1F-2FAE0138E200} 
    Tom Clancy's Rainbow Six Vegas 2-->"C:\Program Files\InstallShield Installation Information\{FD416706-875C-4B0B-A23A-9E740DAE029E}\setup.exe" -runfromtemp -l0x0007 -removeonly
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
    Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
    Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
    Update for Outlook 2007 Junk Email Filter (KB2508979)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {D2137BBA-250B-4548-BC1C-19E5009893D7}
    Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
    Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
    Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
    Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
    USB 2.0 1.3M UVC WebCam Camera driver V61.005.029.190-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *CAMERA*
    USB 2.0 1.3M UVC WebCam-->C:\Windows\Uninstsxga.bat
    VC 9.0 Runtime-->MsiExec.exe /I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
    VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
    Visual Basic 6.0 Runtime&Steuerelemente-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\Visual Basic 6.0 Runtime&Steuerelemente\ST6UNST.LOG"  
    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
    VLC media player 1.0.0-rc4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WIDCOMM Bluetooth Software pack V5.2.0.500-->"C:\Program Files\Packard Bell\Smart Restore\SmartRestore.exe" /MSADDREM *Bluetooth*
    WIDCOMM Bluetooth Software-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}
    Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
    Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
    Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
    Windows Live Essentials-->MsiExec.exe /I{CAFA57E8-8927-4912-AFCF-B0AA3837E989}
    Windows Live Fotogalerie-->MsiExec.exe /X{850C7BD3-9F3F-46AD-9396-E7985B38C55E}
    Windows Live Sync-->MsiExec.exe /X{586509F0-350D-48B5-B763-9CC2F8D96C4C}
    Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinRAR 4.00 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
    X10 Hardware(TM)-->C:\Windows\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
    Zattoo 3.3.4 Beta-->C:\Program Files\Zattoo\uninst.exe
    Zattoo4 4.0.5-->C:\Program Files\Zattoo4\uninst.exe
    ZoneAlarm Toolbar-->C:\Program Files\CheckPoint\ZAForceField\Clean_tool.exe
    ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
    
    ======Security center information======
    
    AS: Windows Defender
    
    ======System event log======
    
    Computer Name: Tobstar-PC
    Event Code: 7036
    Message: Dienst "Windows-Ereignisprotokoll" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 288691
    Source Name: Service Control Manager
    Time Written: 20101014112907.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 7036
    Message: Dienst "Ati External Event Utility" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 288690
    Source Name: Service Control Manager
    Time Written: 20101014112907.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 7036
    Message: Dienst "Windows-Defender" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 288689
    Source Name: Service Control Manager
    Time Written: 20101014112907.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 7036
    Message: Dienst "Remoteprozeduraufruf (RPC)" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 288688
    Source Name: Service Control Manager
    Time Written: 20101014112907.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 7036
    Message: Dienst "DCOM-Server-Prozessstart" befindet sich jetzt im Status "Ausgeführt".
    Record Number: 288687
    Source Name: Service Control Manager
    Time Written: 20101014112907.000000-000
    Event Type: Informationen
    User: 
    
    =====Application event log=====
    
    Computer Name: Tobstar-PC
    Event Code: 11724
    Message: Produkt: Ask Toolbar -- Das Entfernen wurde erfolgreich abgeschlossen.
    Record Number: 39828
    Source Name: MsiInstaller
    Time Written: 20100327084928.000000-000
    Event Type: Informationen
    User: Tobstar-PC\Tobstar
    
    Computer Name: Tobstar-PC
    Event Code: 8194
    Message: Der Wiederherstellungspunkt wurde erfolgreich erstellt (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = ).
    Record Number: 39827
    Source Name: System Restore
    Time Written: 20100327084928.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 10000
    Message: Sitzung wird gestartet: 1 - 2010-03-27T08:48:41.398Z.
    Record Number: 39826
    Source Name: Microsoft-Windows-RestartManager
    Time Written: 20100327084841.398654-000
    Event Type: Informationen
    User: Tobstar-PC\Tobstar
    
    Computer Name: Tobstar-PC
    Event Code: 8194
    Message: Der Wiederherstellungspunkt wurde erfolgreich erstellt (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed Nero Toolbar.).
    Record Number: 39825
    Source Name: System Restore
    Time Written: 20100327084841.000000-000
    Event Type: Informationen
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 1040
    Message: Windows Installer-Transaktion wird gestartet: {86D4B82A-ABED-442A-BE86-96357B70F4FE}. Clientprozess-ID: 3416.
    Record Number: 39824
    Source Name: MsiInstaller
    Time Written: 20100327084810.000000-000
    Event Type: Informationen
    User: Tobstar-PC\Tobstar
    
    =====Security event log=====
    
    Computer Name: Tobstar-PC
    Event Code: 4672
    Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e7
    
    Berechtigungen:		SeAssignPrimaryTokenPrivilege
    			SeTcbPrivilege
    			SeSecurityPrivilege
    			SeTakeOwnershipPrivilege
    			SeLoadDriverPrivilege
    			SeBackupPrivilege
    			SeRestorePrivilege
    			SeDebugPrivilege
    			SeAuditPrivilege
    			SeSystemEnvironmentPrivilege
    			SeImpersonatePrivilege
    Record Number: 69150
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100526093348.266834-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 4624
    Message: Ein Konto wurde erfolgreich angemeldet.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		TOBSTAR-PC$
    	Kontodomäne:		WORKGROUP
    	Anmelde-ID:		0x3e7
    
    Anmeldetyp:			5
    
    Neue Anmeldung:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e7
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Prozessinformationen:
    	Prozess-ID:		0x2d4
    	Prozessname:		C:\Windows\System32\services.exe
    
    Netzwerkinformationen:
    	Arbeitsstationsname:	
    	Quellnetzwerkadresse:	-
    	Quellport:		-
    
    Detaillierte Authentifizierungsinformationen:
    	Anmeldeprozess:		Advapi  
    	Authentifizierungspaket:	Negotiate
    	Übertragene Dienste:	-
    	Paketname (nur NTLM):	-
    	Schlüssellänge:		0
    
    Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
    
    Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
    
    Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
    
    Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
    
    Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
    
    Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
    	 - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
    	- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
    	- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
    	- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
    Record Number: 69149
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100526093348.266834-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 4648
    Message: Anmeldeversuch mit expliziten Anmeldeinformationen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		TOBSTAR-PC$
    	Kontodomäne:		WORKGROUP
    	Anmelde-ID:		0x3e7
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Konto, dessen Anmeldeinformationen verwendet wurden:
    	Kontoname:		SYSTEM
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Zielserver:
    	Zielservername:	localhost
    	Weitere Informationen:	localhost
    
    Prozessinformationen:
    	Prozess-ID:		0x2d4
    	Prozessname:		C:\Windows\System32\services.exe
    
    Netzwerkinformationen:
    	Netzwerkadresse:	-
    	Port:			-
    
    Dieses Ereignis wird bei einem Anmeldeversuch durch einen Prozess generiert, wenn ausdrücklich die Anmeldeinformationen des Kontos angegeben werden.  Dies ist normalerweise der Fall in Batch-Konfigurationen, z. B. bei geplanten Aufgaben oder wenn der Befehl "runas" verwendet wird.
    Record Number: 69148
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100526093348.266834-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 4672
    Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-20
    	Kontoname:		NETZWERKDIENST
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e4
    
    Berechtigungen:		SeAssignPrimaryTokenPrivilege
    			SeAuditPrivilege
    			SeImpersonatePrivilege
    Record Number: 69147
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100526093348.173233-000
    Event Type: Überwachung erfolgreich
    User: 
    
    Computer Name: Tobstar-PC
    Event Code: 4624
    Message: Ein Konto wurde erfolgreich angemeldet.
    
    Antragsteller:
    	Sicherheits-ID:		S-1-5-18
    	Kontoname:		TOBSTAR-PC$
    	Kontodomäne:		WORKGROUP
    	Anmelde-ID:		0x3e7
    
    Anmeldetyp:			5
    
    Neue Anmeldung:
    	Sicherheits-ID:		S-1-5-20
    	Kontoname:		NETZWERKDIENST
    	Kontodomäne:		NT-AUTORITÄT
    	Anmelde-ID:		0x3e4
    	Anmelde-GUID:		{00000000-0000-0000-0000-000000000000}
    
    Prozessinformationen:
    	Prozess-ID:		0x2d4
    	Prozessname:		C:\Windows\System32\services.exe
    
    Netzwerkinformationen:
    	Arbeitsstationsname:	
    	Quellnetzwerkadresse:	-
    	Quellport:		-
    
    Detaillierte Authentifizierungsinformationen:
    	Anmeldeprozess:		Advapi  
    	Authentifizierungspaket:	Negotiate
    	Übertragene Dienste:	-
    	Paketname (nur NTLM):	-
    	Schlüssellänge:		0
    
    Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
    
    Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
    
    Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
    
    Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
    
    Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
    
    Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
    	 - Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
    	- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
    	- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
    	- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
    Record Number: 69146
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100526093348.173233-000
    Event Type: Überwachung erfolgreich
    User: 
    
    ======Environment variables======
    
    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=x86
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    "PROCESSOR_REVISION"=0f0d
    "NUMBER_OF_PROCESSORS"=2
    "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
    "DFSTRACINGON"=FALSE
    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
    "tvdumpflags"=8
    
    -----------------EOF-----------------


    Ich hoffe jemand hat nen Rat!
    Geändert von Petra (28.03.2011 um 21:53 Uhr) Grund: Serien-Nummer entfernt

  2. #2
    Einsteiger
    Registriert seit
    23.03.2011
    Beiträge
    17

    AW: Mozilla Firefox hängt sich auf

    Und hier noch der hjtscan:

    Code:
     
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
                            º                                    º 
                                        hjtscanlist v2.0              
                            º                                    º 
                            $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ 
    
    Microsoft Windows [Version 6.0.6002]
     
     
    C:
    
      23.03.2011 10:32     C:\rsit --------- 0   
           C:\hiberfil.sys ---------    
           C:\pagefile.sys ---------    
      23.03.2011 09:48     C:\Windows --------- 32768   
      23.03.2011 09:31     C:\System Volume Information --------- 40960   
      01.03.2011 23:38     C:\IO.SYS --------- 0   
      01.03.2011 23:38     C:\MSDOS.SYS --------- 0   
      30.01.2011 23:08     C:\Program Files --------- 24576   
      30.01.2011 23:08     C:\ProgramData --------- 8192   
      25.12.2010 15:49     C:\aaw7boot.log --------- 113721   
      18.09.2009 21:19     C:\boot --------- 4096   
      09.06.2009 23:48     C:\temp --------- 0   
      09.06.2009 23:47     C:\ComboFix.txt --------- 45232   
      09.06.2009 23:46     C:\$RECYCLE.BIN --------- 0   
      07.06.2009 15:19     C:\ATI --------- 0   
      06.06.2009 11:21     C:\Users --------- 4096   
      06.06.2009 11:17     C:\Programme --------- 0   
      06.06.2009 11:17     C:\Dokumente und Einstellungen --------- 0   
      11.04.2009 07:36     C:\bootmgr --------- 333257   
      08.10.2008 01:01     C:\BOOTSECT.BAK --------- 8192   
      08.10.2008 00:56     C:\drivers --------- 4096   
      07.10.2008 16:13     C:\temp_ig.txt --------- 0   
      07.10.2008 16:07     C:\MSOCache --------- 0   
      07.10.2008 15:47     C:\setup.log --------- 86   
      07.10.2008 15:41     C:\RHDSetup.log --------- 650   
      07.10.2008 15:32     C:\Intel --------- 0   
      23.04.2008 16:10     C:\files.crc --------- 2916   
      21.01.2008 03:32     C:\PerfLogs --------- 0   
      02.11.2006 14:02     C:\Documents and Settings --------- 0   
      18.09.2006 22:43     C:\config.sys --------- 10   
      18.09.2006 22:43     C:\autoexec.bat --------- 24   
    ----------------------------------------
    
     
    C:\Windows
    
      23.03.2011 10:25     C:\Windows\WindowsUpdate.log --------- 1928945   
      23.03.2011 09:56     C:\Windows\bootstat.dat --------- 67584   
      23.03.2011 09:53     C:\Windows\bthservsdp.dat --------- 12   
      23.03.2011 09:01     C:\Windows\PFRO.log --------- 812   
      13.01.2011 09:47     C:\Windows\avastSS.scr --------- 38848   
      17.04.2010 00:45     C:\Windows\WLXPGSS.SCR --------- 307056   
      05.10.2009 16:53     C:\Windows\win.ini --------- 219   
      09.06.2009 23:43     C:\Windows\system.ini --------- 215   
      08.06.2009 22:31     C:\Windows\Setup1.exe --------- 290816   
      08.06.2009 22:31     C:\Windows\ST6UNST.EXE --------- 74752   
      11.04.2009 07:27     C:\Windows\explorer.exe --------- 2926592   
      07.10.2008 15:57     C:\Windows\ODBCINST.INI --------- 209   
      07.10.2008 15:50     C:\Windows\ativpsrm.bin --------- 0   
      07.10.2008 15:40     C:\Windows\DIFxAPI.dll --------- 319456   
      07.10.2008 15:40     C:\Windows\HideWin.exe --------- 315392   
      13.06.2008 06:52     C:\Windows\RtHDVCpl.exe --------- 6183456   
      30.05.2008 13:59     C:\Windows\csup.txt --------- 14   
      13.05.2008 01:10     C:\Windows\atiogl.xml --------- 13052   
      02.04.2008 02:27     C:\Windows\RtlUpd.exe --------- 1196032   
      02.04.2008 02:27     C:\Windows\RtkUpd.exe --------- 1196032   
      05.03.2008 11:07     C:\Windows\RtlExUpd.dll --------- 520192   
      31.01.2008 08:19     C:\Windows\UNRecode.exe --------- 972072   
      21.01.2008 03:43     C:\Windows\WindowsShell.Manifest --------- 749   
      21.01.2008 03:24     C:\Windows\regedit.exe --------- 134656   
      21.01.2008 03:24     C:\Windows\bfsvc.exe --------- 58880   
      21.01.2008 03:24     C:\Windows\fveupdate.exe --------- 13312   
      21.01.2008 03:24     C:\Windows\HelpPane.exe --------- 498176   
      21.01.2008 03:23     C:\Windows\notepad.exe --------- 151040   
      14.01.2008 13:10     C:\Windows\UNNeroMediaHome.exe --------- 972072   
      20.11.2007 11:15     C:\Windows\SkyTel.exe --------- 1826816   
      15.11.2007 17:40     C:\Windows\Uninstsxga.bat --------- 372   
      15.11.2007 17:40     C:\Windows\Uninstvga.bat --------- 371   
      14.11.2007 08:18     C:\Windows\USetup.iss --------- 553   
      15.09.2007 02:01     C:\Windows\Uninstsxga.reg --------- 386   
      15.09.2007 02:01     C:\Windows\Uninstvga.reg --------- 384   
      21.03.2007 19:02     C:\Windows\UNNeroVision.exe --------- 972336   
      20.03.2007 19:22     C:\Windows\UNNeroBackItUp.exe --------- 972336   
      28.02.2007 14:41     C:\Windows\UNNeroShowTime.exe --------- 972336   
      23.11.2006 15:20     C:\Windows\DrvInst.exe --------- 11776   
      02.11.2006 13:35     C:\Windows\WMSysPr9.prx --------- 316640   
      02.11.2006 13:34     C:\Windows\twunk_16.exe --------- 49680   
      02.11.2006 13:34     C:\Windows\twunk_32.exe --------- 31232   
      02.11.2006 13:34     C:\Windows\twain_32.dll --------- 50688   
      02.11.2006 13:34     C:\Windows\twain.dll --------- 94784   
      02.11.2006 10:45     C:\Windows\winhlp32.exe --------- 9216   
      02.11.2006 10:45     C:\Windows\hh.exe --------- 14848   
      02.11.2006 08:46     C:\Windows\mib.bin --------- 43131   
      19.09.2006 12:41     C:\Windows\HomePremium.xml --------- 8328   
      18.09.2006 22:43     C:\Windows\_default.pif --------- 707   
      18.09.2006 22:43     C:\Windows\winhelp.exe --------- 256192   
      18.09.2006 22:30     C:\Windows\msdfmap.ini --------- 1405   
      15.09.2005 12:35     C:\Windows\UNNeroMediaHome.cfg --------- 50   
      30.08.2005 19:37     C:\Windows\UNNeroVision.cfg --------- 50   
      30.08.2005 19:37     C:\Windows\UNNeroShowTime.cfg --------- 50   
      30.08.2005 19:36     C:\Windows\UNRecode.cfg --------- 50   
      30.08.2005 19:33     C:\Windows\UNNeroBackItUp.cfg --------- 50   
      25.06.1999 08:56     C:\Windows\Unwise.exe --------- 127184   
    ----------------------------------------
    
     
    C:\Windows\System
    
     02.11.2006 13:34      C:\Windows\System\mciseq.drv --------- 25264 
     02.11.2006 13:34      C:\Windows\System\mciwave.drv --------- 28160 
     02.11.2006 13:34      C:\Windows\System\avifile.dll --------- 109456 
     02.11.2006 13:34      C:\Windows\System\avicap.dll --------- 69584 
     02.11.2006 13:34      C:\Windows\System\mciavi.drv --------- 73376 
     02.11.2006 13:34      C:\Windows\System\msvideo.dll --------- 126912 
     02.11.2006 08:10      C:\Windows\System\OLESVR.DLL --------- 24064 
     02.11.2006 08:10      C:\Windows\System\WFWNET.DRV --------- 12704 
     02.11.2006 08:10      C:\Windows\System\COMMDLG.DLL --------- 32816 
     02.11.2006 08:10      C:\Windows\System\TIMER.DRV --------- 4048 
     02.11.2006 08:10      C:\Windows\System\MMSYSTEM.DLL --------- 68992 
     02.11.2006 08:10      C:\Windows\System\mmtask.tsk --------- 1152 
     02.11.2006 08:10      C:\Windows\System\mouse.drv --------- 2032 
     02.11.2006 08:10      C:\Windows\System\vga.drv --------- 2176 
     02.11.2006 08:10      C:\Windows\System\sound.drv --------- 1744 
     02.11.2006 08:10      C:\Windows\System\keyboard.drv --------- 2000 
     02.11.2006 08:10      C:\Windows\System\SHELL.DLL --------- 5120 
     02.11.2006 08:10      C:\Windows\System\system.drv --------- 3360 
     18.09.2006 22:43      C:\Windows\System\ver.dll --------- 9008 
     18.09.2006 22:43      C:\Windows\System\olecli.dll --------- 82944 
     18.09.2006 22:43      C:\Windows\System\lzexpand.dll --------- 9936 
     18.09.2006 22:35      C:\Windows\System\stdole.tlb --------- 5532 
    ----------------------------------------
    
     
    C:\Windows\System32
    
     23.03.2011 09:56     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 --------- 3216  
     23.03.2011 09:56     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 --------- 3216  
     23.03.2011 09:12     C:\Windows\system32\catroot --------- 4096  
     23.03.2011 09:12     C:\Windows\system32\catroot2 --------- 4096  
     19.03.2011 01:14     C:\Windows\system32\LogFiles --------- 0  
     11.03.2011 22:56     C:\Windows\system32\WAH dir --------- 0  
     09.03.2011 00:01     C:\Windows\system32\mrt.exe --------- 37943240  
     07.03.2011 10:49     C:\Windows\system32\ZoneLabs --------- 8192  
     07.03.2011 10:44     C:\Windows\system32\vsconfig.xml --------- 11954  
     07.03.2011 10:44     C:\Windows\system32\drivers --------- 81920  
     23.02.2011 08:39     C:\Windows\system32\de-DE --------- 327680  
     23.02.2011 08:39     C:\Windows\system32\WindowsPowerShell --------- 0  
     22.02.2011 15:13     C:\Windows\system32\XpsGdiConverter.dll --------- 288768  
     22.02.2011 14:33     C:\Windows\system32\DWrite.dll --------- 1068544  
     22.02.2011 14:33     C:\Windows\system32\FntCache.dll --------- 797696  
     18.02.2011 22:09     C:\Windows\system32\jupdate-1.6.0_24-b07.log --------- 3276  
     18.02.2011 17:28     C:\Windows\system32\vsutil_loc0407.dll --------- 46592  
     18.02.2011 17:28     C:\Windows\system32\zpeng25.dll --------- 1238528  
     18.02.2011 17:28     C:\Windows\system32\zlcommdb.dll --------- 104448  
     18.02.2011 17:28     C:\Windows\system32\zlcomm.dll --------- 69120  
     18.02.2011 17:28     C:\Windows\system32\vsxml.dll --------- 110080  
     18.02.2011 17:28     C:\Windows\system32\vswmi.dll --------- 43008  
     18.02.2011 17:28     C:\Windows\system32\vspubapi.dll --------- 302592  
     18.02.2011 17:28     C:\Windows\system32\vsmonapi.dll --------- 108032  
     18.02.2011 17:28     C:\Windows\system32\vsinit.dll --------- 228864  
     18.02.2011 17:28     C:\Windows\system32\vsdata.dll --------- 112128  
     18.02.2011 17:28     C:\Windows\system32\vsutil.dll --------- 715264  
     18.02.2011 17:28     C:\Windows\system32\vsregexp.dll --------- 58368  
     17.02.2011 14:58     C:\Windows\system32\perfh009.dat --------- 595996  
     17.02.2011 14:58     C:\Windows\system32\perfc009.dat --------- 104070  
     17.02.2011 14:58     C:\Windows\system32\perfh007.dat --------- 628742  
     17.02.2011 14:58     C:\Windows\system32\perfc007.dat --------- 126454  
     17.02.2011 14:58     C:\Windows\system32\PerfStringBackup.INI --------- 1445310  
     11.02.2011 23:59     C:\Windows\system32\Tasks --------- 4096  
     10.02.2011 08:43     C:\Windows\system32\FNTCACHE.DAT --------- 306936  
     10.02.2011 08:40     C:\Windows\system32\migration --------- 4096  
     02.02.2011 21:40     C:\Windows\system32\javaws.exe --------- 157472  
     02.02.2011 21:40     C:\Windows\system32\javaw.exe --------- 145184  
     02.02.2011 21:40     C:\Windows\system32\java.exe --------- 145184  
     02.02.2011 21:40     C:\Windows\system32\deployJava1.dll --------- 472808  
     02.02.2011 17:11     C:\Windows\system32\MpSigStub.exe --------- 222080  
     21.01.2011 17:35     C:\Windows\system32\shlwapi.dll --------- 353280  
     21.01.2011 17:35     C:\Windows\system32\shell32.dll --------- 11586048  
     20.01.2011 17:08     C:\Windows\system32\dxgi.dll --------- 478720  
     20.01.2011 17:08     C:\Windows\system32\d3d10core.dll --------- 189952  
     20.01.2011 17:08     C:\Windows\system32\d3d10_1core.dll --------- 219648  
     20.01.2011 17:08     C:\Windows\system32\d3d10_1.dll --------- 160768  
     20.01.2011 17:08     C:\Windows\system32\d3d10.dll --------- 1029120  
     20.01.2011 17:07     C:\Windows\system32\cdd.dll --------- 37376  
     20.01.2011 17:07     C:\Windows\system32\winspool.drv --------- 258048  
     20.01.2011 17:07     C:\Windows\system32\stobject.dll --------- 586240  
     20.01.2011 17:07     C:\Windows\system32\shdocvw.dll --------- 1075712  
     20.01.2011 17:06     C:\Windows\system32\mf.dll --------- 2873344  
     20.01.2011 17:06     C:\Windows\system32\printfilterpipelineprxy.dll --------- 26112  
     20.01.2011 17:04     C:\Windows\system32\mfps.dll --------- 98816  
     20.01.2011 17:04     C:\Windows\system32\mfplat.dll --------- 209920  
     20.01.2011 15:28     C:\Windows\system32\xpsservices.dll --------- 1554432  
     20.01.2011 15:27     C:\Windows\system32\XpsPrint.dll --------- 876032  
     20.01.2011 15:26     C:\Windows\system32\printfilterpipelinesvc.exe --------- 667648  
     20.01.2011 15:25     C:\Windows\system32\OpcServices.dll --------- 847360  
     20.01.2011 15:24     C:\Windows\system32\XpsRasterService.dll --------- 135680  
     20.01.2011 15:15     C:\Windows\system32\MFH264Dec.dll --------- 979456  
     20.01.2011 15:14     C:\Windows\system32\MFHEAACdec.dll --------- 357376  
     20.01.2011 15:14     C:\Windows\system32\mfmp4src.dll --------- 302592  
     20.01.2011 15:14     C:\Windows\system32\mfreadwrite.dll --------- 261632  
     20.01.2011 15:12     C:\Windows\system32\d3d10warp.dll --------- 1172480  
     20.01.2011 15:11     C:\Windows\system32\d3d10level9.dll --------- 486400  
     20.01.2011 14:47     C:\Windows\system32\d2d1.dll --------- 683008  
     20.01.2011 00:15     C:\Windows\system32\config.nt --------- 2577  
     13.01.2011 09:47     C:\Windows\system32\aswBoot.exe --------- 188216  
     08.01.2011 09:47     C:\Windows\system32\atmlib.dll --------- 34304  
     08.01.2011 07:28     C:\Windows\system32\atmfd.dll --------- 292352  
     31.12.2010 14:57     C:\Windows\system32\win32k.sys --------- 2039808  
     29.12.2010 19:28     C:\Windows\system32\sbeio.dll --------- 153088  
     29.12.2010 19:28     C:\Windows\system32\sbe.dll --------- 322560  
     29.12.2010 19:28     C:\Windows\system32\EncDec.dll --------- 429056  
     29.12.2010 19:26     C:\Windows\system32\mpg2splt.ax --------- 177664  
     28.12.2010 16:55     C:\Windows\system32\odbc32.dll --------- 413696  
     25.12.2010 15:59     C:\Windows\system32\DRVSTORE --------- 0  
     18.12.2010 07:27     C:\Windows\system32\wininet.dll --------- 916480  
     18.12.2010 07:26     C:\Windows\system32\urlmon.dll --------- 1210880  
     18.12.2010 07:25     C:\Windows\system32\occache.dll --------- 206848  
     18.12.2010 07:23     C:\Windows\system32\mstime.dll --------- 611840  
     18.12.2010 07:23     C:\Windows\system32\mshtmled.dll --------- 66560  
     18.12.2010 07:23     C:\Windows\system32\mshtml.dll --------- 5961216  
     18.12.2010 07:23     C:\Windows\system32\msfeeds.dll --------- 602112  
     18.12.2010 07:23     C:\Windows\system32\msfeedsbs.dll --------- 55296  
     18.12.2010 07:22     C:\Windows\system32\licmgr10.dll --------- 43520  
     18.12.2010 07:22     C:\Windows\system32\jsproxy.dll --------- 25600  
     18.12.2010 07:22     C:\Windows\system32\inetcpl.cpl --------- 1469440  
     18.12.2010 07:22     C:\Windows\system32\ieui.dll --------- 164352  
     18.12.2010 07:22     C:\Windows\system32\iesysprep.dll --------- 109056  
     18.12.2010 07:22     C:\Windows\system32\iertutil.dll --------- 1991680  
     18.12.2010 07:22     C:\Windows\system32\iesetup.dll --------- 71680  
     18.12.2010 07:22     C:\Windows\system32\iernonce.dll --------- 55808  
     18.12.2010 07:22     C:\Windows\system32\iepeers.dll --------- 184320  
     18.12.2010 07:22     C:\Windows\system32\ieframe.dll --------- 11080704  
     18.12.2010 07:22     C:\Windows\system32\iedkcs32.dll --------- 387584  
     18.12.2010 06:25     C:\Windows\system32\html.iec --------- 385024  
     18.12.2010 05:48     C:\Windows\system32\ieUnatt.exe --------- 133632  
    ----------------------------------------
    
     
    C:\Windows\Prefetch
    
    ----------------------------------------
    
     
    C:\Windows\Tasks
    
     23.03.2011 11:00     C:\Windows\Tasks\Recovery DVD Creator-Tobstar.job --------- 344  
     23.03.2011 11:00     C:\Windows\Tasks\Erweiterte Garantie-Tobstar.job --------- 344  
     23.03.2011 09:56     C:\Windows\Tasks\SA.DAT --------- 6  
     23.03.2011 09:53     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32534  
     22.03.2011 10:56     C:\Windows\Tasks\Ad-Aware Update (Weekly).job --------- 370  
    ----------------------------------------
    
     
    C:\Windows\Temp
    
     23.03.2011 11:15     C:\Windows\Temp\_avast5_ --------- 12288  
     23.03.2011 11:14     C:\Windows\Temp\_avast_ --------- 4096  
     23.03.2011 09:56     C:\Windows\Temp\ZLT04cf9.TMP --------- 256  
     22.03.2011 09:13     C:\Windows\Temp\MpSigStub.log --------- 6506  
     17.03.2011 23:40     C:\Windows\Temp\IswTmp --------- 0  
    ----------------------------------------
    
     
    C:\Users\Tobstar\AppData\Local\Temp
    
     23.03.2011 11:16     C:\Users\Tobstar\AppData\Local\Temp\Rar$DI18.256 --------- 0  
     23.03.2011 11:13     C:\Users\Tobstar\AppData\Local\Temp\Low --------- 4096  
     23.03.2011 11:13     C:\Users\Tobstar\AppData\Local\Temp\~DFD6B0.tmp --------- 40960  
     23.03.2011 11:10     C:\Users\Tobstar\AppData\Local\Temp\VBE --------- 0  
     23.03.2011 11:10     C:\Users\Tobstar\AppData\Local\Temp\~DFC0DB.tmp --------- 512  
     23.03.2011 11:10     C:\Users\Tobstar\AppData\Local\Temp\CVR28F4.tmp.cvr --------- 0  
     23.03.2011 11:10     C:\Users\Tobstar\AppData\Local\Temp\4598004.od --------- 134  
     23.03.2011 11:10     C:\Users\Tobstar\AppData\Local\Temp\~DF5FEF.tmp --------- 24576  
     23.03.2011 11:10     C:\Users\Tobstar\AppData\Local\Temp\~DFD15B.tmp --------- 32768  
     23.03.2011 11:10     C:\Users\Tobstar\AppData\Local\Temp\~DF6925.tmp --------- 24576  
     23.03.2011 10:38     C:\Users\Tobstar\AppData\Local\Temp\~DF2C0A.tmp --------- 24576  
     23.03.2011 10:37     C:\Users\Tobstar\AppData\Local\Temp\~DF51AA.tmp --------- 32768  
     23.03.2011 10:37     C:\Users\Tobstar\AppData\Local\Temp\~DF51BF.tmp --------- 512  
     23.03.2011 10:37     C:\Users\Tobstar\AppData\Local\Temp\~DF5160.tmp --------- 512  
     23.03.2011 10:37     C:\Users\Tobstar\AppData\Local\Temp\~DF514B.tmp --------- 16384  
     23.03.2011 10:37     C:\Users\Tobstar\AppData\Local\Temp\~DF50D5.tmp --------- 512  
     23.03.2011 10:37     C:\Users\Tobstar\AppData\Local\Temp\~DF50BE.tmp --------- 32768  
     23.03.2011 10:37     C:\Users\Tobstar\AppData\Local\Temp\~DFC1B8.tmp --------- 16384  
     23.03.2011 10:03     C:\Users\Tobstar\AppData\Local\Temp\jusched.log --------- 403  
     23.03.2011 10:01     C:\Users\Tobstar\AppData\Local\Temp\Tobstar.bmp --------- 31832  
     23.03.2011 09:59     C:\Users\Tobstar\AppData\Local\Temp\~DFAB18.tmp --------- 98304  
     23.03.2011 09:59     C:\Users\Tobstar\AppData\Local\Temp\IswTmp --------- 4096  
     23.03.2011 09:58     C:\Users\Tobstar\AppData\Local\Temp\AdobeARM.log --------- 805  
     23.03.2011 09:58     C:\Users\Tobstar\AppData\Local\Temp\WPDNSE --------- 0  
     23.03.2011 09:58     C:\Users\Tobstar\AppData\Local\Temp\isw_acc_80100000 --------- 0  
     23.03.2011 09:53     C:\Users\Tobstar\AppData\Local\Temp\hsperfdata_Tobstar --------- 0  
     23.03.2011 09:53     C:\Users\Tobstar\AppData\Local\Temp\wmplog00.sqm --------- 2068  
     23.03.2011 09:38     C:\Users\Tobstar\AppData\Local\Temp\foxtab --------- 0  
     23.03.2011 09:07     C:\Users\Tobstar\AppData\Local\Temp\fsclm.dll --------- 309936  
     23.03.2011 09:07     C:\Users\Tobstar\AppData\Local\Temp\fsonlinescanner.exe --------- 1775240  
     23.03.2011 09:07     C:\Users\Tobstar\AppData\Local\Temp\xmllite.dll --------- 121856  
     23.03.2011 09:04     C:\Users\Tobstar\AppData\Local\Temp\~DFCE76.tmp --------- 98304  
     23.03.2011 00:22     C:\Users\Tobstar\AppData\Local\Temp\plugtmp-1 --------- 0  
     22.03.2011 16:51     C:\Users\Tobstar\AppData\Local\Temp\msohtmlclip1 --------- 0  
     22.03.2011 16:45     C:\Users\Tobstar\AppData\Local\Temp\plugtmp-2 --------- 0  
     22.03.2011 14:41     C:\Users\Tobstar\AppData\Local\Temp\History --------- 0  
     22.03.2011 14:41     C:\Users\Tobstar\AppData\Local\Temp\Cookies --------- 0  
     22.03.2011 14:41     C:\Users\Tobstar\AppData\Local\Temp\Temporary Internet Files --------- 0  
     20.03.2011 13:20     C:\Users\Tobstar\AppData\Local\Temp\OnlineScanner --------- 0  
     19.03.2011 11:01     C:\Users\Tobstar\AppData\Local\Temp\plugtmp --------- 4096  
     18.03.2011 22:53     C:\Users\Tobstar\AppData\Local\Temp\msohtmlclip --------- 0  
     17.03.2011 23:42     C:\Users\Tobstar\AppData\Local\Temp\_avast5_ --------- 0  
     17.03.2011 13:14     C:\Users\Tobstar\AppData\Local\Temp\Adobe --------- 0  
    ----------------------------------------
    
     
    C:\Program Files
    
     23.03.2011 10:32     C:\Program Files\Trend Micro --------- 4096  
     23.03.2011 09:47     C:\Program Files\Mozilla Firefox --------- 12288  
     23.03.2011 00:06     C:\Program Files\Mozilla Firefox 3.6 Beta 2 --------- 32768  
     12.03.2011 10:33     C:\Program Files\WinRAR --------- 4096  
     02.03.2011 08:17     C:\Program Files\CCleaner --------- 0  
     19.02.2011 16:57     C:\Program Files\Microsoft Silverlight --------- 4096  
     18.02.2011 22:09     C:\Program Files\Common Files --------- 4096  
     18.02.2011 22:09     C:\Program Files\Java --------- 0  
     11.02.2011 23:59     C:\Program Files\Skype --------- 0  
     10.02.2011 08:40     C:\Program Files\Windows Mail --------- 4096  
     10.02.2011 08:40     C:\Program Files\Internet Explorer --------- 4096  
     01.02.2011 00:55     C:\Program Files\DivX --------- 8192  
     30.01.2011 19:24     C:\Program Files\Adobe --------- 0  
     30.01.2011 19:21     C:\Program Files\NOS --------- 0  
     08.01.2011 18:40     C:\Program Files\ICQ7.2 --------- 16384  
     27.12.2010 09:46     C:\Program Files\Malwarebytes' Anti-Malware --------- 4096  
     25.12.2010 16:13     C:\Program Files\Spybot - Search & Destroy --------- 8192  
     15.12.2010 01:36     C:\Program Files\Microsoft Works --------- 28672  
     15.12.2010 01:23     C:\Program Files\QuickTime --------- 4096  
     21.11.2010 21:09     C:\Program Files\InstallShield Installation Information --------- 4096  
     14.11.2010 21:51     C:\Program Files\Nero --------- 4096  
     13.10.2010 22:09     C:\Program Files\Windows Media Player --------- 4096  
     27.09.2010 11:21     C:\Program Files\Sweet Home 3D --------- 4096  
     25.08.2010 09:41     C:\Program Files\filehippo.com --------- 4096  
     11.08.2010 20:34     C:\Program Files\Movie Maker --------- 4096  
     03.08.2010 00:52     C:\Program Files\ZoneAlarm-Sicherheit --------- 4096  
     03.08.2010 00:52     C:\Program Files\Conduit --------- 0  
     03.08.2010 00:52     C:\Program Files\CheckPoint --------- 0  
     20.07.2010 13:55     C:\Program Files\Zattoo4 --------- 4096  
     12.07.2010 09:11     C:\Program Files\Alwil Software --------- 0  
     25.06.2010 19:35     C:\Program Files\Microsoft.NET --------- 0  
     01.06.2010 09:47     C:\Program Files\GPLGS --------- 49152  
     28.05.2010 21:55     C:\Program Files\Epson Software --------- 0  
     28.05.2010 21:55     C:\Program Files\ABBYY FineReader 6.0 Sprint --------- 65536  
     28.05.2010 21:54     C:\Program Files\epson --------- 0  
     26.05.2010 08:25     C:\Program Files\Windows Live --------- 4096  
     26.05.2010 08:25     C:\Program Files\Microsoft --------- 0  
     26.05.2010 08:24     C:\Program Files\Windows Live SkyDrive --------- 0  
     26.05.2010 08:24     C:\Program Files\Microsoft SQL Server Compact Edition --------- 0  
     12.05.2010 13:19     C:\Program Files\Acro Software --------- 0  
     27.03.2010 09:50     C:\Program Files\TicketCreator --------- 0  
     17.11.2009 12:33     C:\Program Files\Windows Portable Devices --------- 0  
     12.11.2009 22:51     C:\Program Files\Mozilla Firefox 3.5 Preview --------- 28672  
     07.11.2009 18:23     C:\Program Files\Zattoo --------- 4096  
     18.09.2009 21:10     C:\Program Files\Windows Calendar --------- 0  
     18.09.2009 21:10     C:\Program Files\Windows Sidebar --------- 4096  
     18.09.2009 21:10     C:\Program Files\Windows Collaboration --------- 4096  
     18.09.2009 21:10     C:\Program Files\Windows Journal --------- 4096  
     18.09.2009 21:10     C:\Program Files\Windows Photo Gallery --------- 4096  
     18.09.2009 21:10     C:\Program Files\Windows Defender --------- 4096  
     10.07.2009 11:44     C:\Program Files\Sony --------- 0  
     10.07.2009 11:42     C:\Program Files\Apple Software Update --------- 4096  
     10.07.2009 11:39     C:\Program Files\Sony Setup --------- 0  
     12.06.2009 20:49     C:\Program Files\Microsoft Visual Studio --------- 0  
     12.06.2009 20:47     C:\Program Files\Microsoft Office --------- 4096  
     09.06.2009 09:49     C:\Program Files\regsrch --------- 0  
     08.06.2009 22:31     C:\Program Files\Visual Basic 6.0 Runtime&Steuerelemente --------- 0  
     08.06.2009 13:21     C:\Program Files\ATI --------- 0  
     08.06.2009 09:08     C:\Program Files\download --------- 0  
     07.06.2009 10:09     C:\Program Files\VideoLAN --------- 0  
     06.06.2009 13:32     C:\Program Files\Zone Labs --------- 0  
     06.06.2009 13:29     C:\Program Files\Google --------- 4096  
     06.06.2009 11:30     C:\Program Files\MSXML 4.0 --------- 0  
     06.06.2009 11:17     C:\Program Files\Gemeinsame Dateien --------- 0  
     06.06.2009 11:17     C:\Program Files\Windows NT --------- 4096  
     07.10.2008 16:13     C:\Program Files\Packard Bell --------- 4096  
     07.10.2008 16:13     C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites --------- 8192  
     07.10.2008 16:03     C:\Program Files\NeroInstall.bak --------- 0  
     07.10.2008 15:55     C:\Program Files\Seagate --------- 0  
     07.10.2008 15:54     C:\Program Files\HDReg --------- 4096  
     07.10.2008 15:48     C:\Program Files\X10 Hardware --------- 0  
     07.10.2008 15:47     C:\Program Files\Synaptics --------- 0  
     07.10.2008 15:45     C:\Program Files\Realtek --------- 0  
     07.10.2008 15:43     C:\Program Files\WIDCOMM --------- 0  
     07.10.2008 15:39     C:\Program Files\ATI Technologies --------- 0  
     07.10.2008 15:37     C:\Program Files\Packardbell --------- 0  
     07.10.2008 15:37     C:\Program Files\ATK Hotkey --------- 8192  
     07.10.2008 15:35     C:\Program Files\Intel --------- 0  
     21.01.2008 03:43     C:\Program Files\desktop.ini --------- 174  
     02.11.2006 14:01     C:\Program Files\Uninstall Information --------- 0  
     02.11.2006 13:37     C:\Program Files\Microsoft Games --------- 4096  
     02.11.2006 13:37     C:\Program Files\MSBuild --------- 0  
     02.11.2006 13:37     C:\Program Files\Reference Assemblies --------- 0  
    ----------------------------------------
    
     
    C:\ProgramData\.. 
    
    Tobstar    
    Default    
    desktop.ini    
    Default User    
    All Users    
    Public    
    ----------------------------------------
    
     
    C:\Windows\system32\drivers\etc\hosts
    
    127.0.0.1       localhost
    
    ----------------------------------------
    
     
    
    Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
    ========================= ======== ================ =========== ===============
    System Idle Process              0 Services                   0            24 K
    System                           4 Services                   0        19.080 K
    smss.exe                       520 Services                   0           684 K
    csrss.exe                      644 Services                   0         5.348 K
    wininit.exe                    700 Services                   0         4.832 K
    csrss.exe                      712 Console                    1        16.488 K
    services.exe                   744 Services                   0         6.676 K
    lsass.exe                      756 Services                   0         3.904 K
    lsm.exe                        764 Services                   0         5.244 K
    winlogon.exe                   828 Console                    1         5.344 K
    svchost.exe                    948 Services                   0         7.004 K
    svchost.exe                   1024 Services                   0         8.204 K
    svchost.exe                   1064 Services                   0        29.396 K
    Ati2evxx.exe                  1148 Services                   0         5.324 K
    svchost.exe                   1168 Services                   0        13.276 K
    svchost.exe                   1196 Services                   0        78.328 K
    svchost.exe                   1208 Services                   0        98.856 K
    audiodg.exe                   1336 Services                   0        17.520 K
    svchost.exe                   1364 Services                   0         5.692 K
    SLsvc.exe                     1380 Services                   0         5.476 K
    svchost.exe                   1468 Services                   0        11.708 K
    Ati2evxx.exe                  1508 Console                    1         5.864 K
    svchost.exe                   1604 Services                   0        13.792 K
    vsmon.exe                     1692 Services                   0        23.500 K
    AsLdrSrv.exe                  1976 Services                   0         4.516 K
    AvastSvc.exe                  1988 Services                   0        29.076 K
    ISWSVC.exe                    2020 Services                   0         8.096 K
    spoolsv.exe                   1736 Services                   0        10.748 K
    svchost.exe                   1956 Services                   0        13.040 K
    PhotoshopElementsFileAgen     2180 Services                   0         2.440 K
    svchost.exe                   2216 Services                   0         4.452 K
    btwdins.exe                   2264 Services                   0         5.008 K
    IAANTmon.exe                  2292 Services                   0         6.872 K
    NASvc.exe                     2448 Services                   0         6.944 K
    NBService.exe                 2472 Services                   0         6.436 K
    IoctlSvc.exe                  2552 Services                   0         4.020 K
    PnkBstrA.exe                  2592 Services                   0         4.524 K
    PnkBstrB.exe                  2612 Services                   0         4.728 K
    svchost.exe                   2624 Services                   0         5.436 K
    svchost.exe                   2648 Services                   0         6.552 K
    svchost.exe                   2684 Services                   0         4.196 K
    SearchIndexer.exe             2708 Services                   0        19.240 K
    taskeng.exe                   2840 Services                   0         6.664 K
    X10nets.exe                   2904 Services                   0         5.792 K
    taskeng.exe                   3136 Console                    1        10.336 K
    dwm.exe                       2508 Console                    1        61.096 K
    explorer.exe                  3028 Console                    1        60.440 K
    HControl.exe                  3448 Console                    1         7.740 K
    MsgTranAgt.exe                1308 Console                    1         3.040 K
    EcoBtn.exe                    3300 Console                    1         4.696 K
    ATKOSD.exe                    3588 Console                    1         6.932 K
    IAAnotif.exe                  3876 Console                    1         6.512 K
    HControlUser.exe              3888 Console                    1         4.172 K
    RtHDVCpl.exe                  3804 Console                    1         7.688 K
    SynTPEnh.exe                  3360 Console                    1         7.300 K
    AvastUI.exe                   4052 Console                    1         2.724 K
    jusched.exe                   1268 Console                    1         4.952 K
    zlclient.exe                  2488 Console                    1         4.340 K
    MOM.exe                       3284 Console                    1        12.148 K
    SmpSys.exe                     356 Console                    1         6.552 K
    sidebar.exe                   1360 Console                    1        24.708 K
    WDC.exe                       2484 Console                    1         5.752 K
    wmpnscfg.exe                  2492 Console                    1         6.492 K
    wmpnetwk.exe                  4060 Services                   0         9.936 K
    E_FATIFCE.EXE                 1860 Console                    1         5.920 K
    BTTray.exe                    4112 Console                    1         7.672 K
    unsecapp.exe                  4124 Console                    1         6.520 K
    WmiPrvSE.exe                  4168 Services                   0         7.148 K
    CCC.exe                       4976 Console                    1        11.000 K
    ForceField.exe                6024 Console                    1        27.012 K
    SynTPHelper.exe               6048 Console                    1         4.664 K
    svchost.exe                    912 Services                   0         5.608 K
    notepad.exe                   5860 Console                    1         7.432 K
    notepad.exe                   4776 Console                    1         7.300 K
    iexplore.exe                  4796 Console                    1        35.336 K
    FlashUtil10m_ActiveX.exe      6132 Console                    1         7.408 K
    iexplore.exe                  5160 Console                    1        79.644 K
    iexplore.exe                  2028 Console                    1        63.980 K
    iexplore.exe                  4040 Console                    1       152.964 K
    Skype.exe                     3632 Console                    1       124.520 K
    skypePM.exe                   5248 Console                    1        25.952 K
    WINWORD.EXE                   2912 Console                    1        75.188 K
    taskeng.exe                   6140 Services                   0         5.768 K
    iexplore.exe                   540 Console                    1       106.076 K
    SearchProtocolHost.exe        5140 Services                   0         9.644 K
    WinRAR.exe                    3424 Console                    1        16.168 K
    cmd.exe                       2776 Console                    1         5.176 K
    SearchFilterHost.exe          4464 Services                   0         6.492 K
    dllhost.exe                   5340 Console                    1         6.112 K
    tasklist.exe                  4712 Console                    1         6.252 K
    WmiPrvSE.exe                  5096 Services                   0         7.196 K
    
     
    ***** Ende des Scans 23.03.2011 um 11:16:24,86 ***

  3. #3
    Einsteiger
    Registriert seit
    23.03.2011
    Beiträge
    17

    AW: Mozilla Firefox hängt sich auf

    Hab ich vergessen etwas zu posten? Firefox hängt sich übrigens immernoch auf!

  4. #4
    Einsteiger
    Registriert seit
    23.03.2011
    Beiträge
    17

    AW: Mozilla Firefox hängt sich auf

    Hallo zusammen,

    diese Anfrage bzw. der Beitrag soll keinerlei Kritik an den Forenbetreibern sein, sondern lediglich für mich klären, wie ich weiter vorgehe.

    Mein erster Beitrag ist mittlerweile 4 Tage her. Meine Nachfrage, ob Informationen zur Bearbeitung des "Falles" fehlen, 2 Tage. Weiß keiner der Moderatoren wie mein Problem zu lösen ist, haben die Moderatoren zu viel zu tun oder fehlen schlicht und ergreifend noch mehr Infos? Wüßte gerne woran es liegt, da ich ansonsten auch nochmal in anderen Foren posten würde (Thema crossposting vermeiden)
    Habe vor 2 Jahren schonmal probleme gehabt und war mit der Hilfe aus diesem Forum sehr zu frieden, würde mich als über eine Rückmeldung, egal in welcher Form, freuen!

    Danke

  5. #5
    Administrator Team-Mitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    42.643

    AW: Mozilla Firefox hängt sich auf


    zunächst bitte anklicken und aufmerksam durchlesen: Worauf muss ich während der Bereinigung achten?
    Bestätige mir bitte in Deiner nächsten Antwort, dass Du das gelesen und verstanden hast.

    Besonders wichtig ist, dass Du die Punkte in der vorgegebenen Reihenfolge abarbeitest und sofort stoppst und fragst, wenn etwas nicht funktioniert, damit ich die Anleitung ggfs. ändern kann!


    ===== Punkt 1 =====

    Gab es Viren-Meldungen vom AV-Programm?

    Wenn Dein Anti-Virus-Programm Malware gefunden hat, schreibe uns möglichst genau die Namen der Funde auf, und in welchem Pfad sie sich befinden/befanden. An die nötigen Informationen kommst Du über die Logs/Berichte bzw. den Quarantäne-Ordner Deines Antiviren-Programms. Bei Avast! solltest Du im Virus Container infizierte Dateien finden.


    ===== Punkt 2 =====

    Versteckte Dateien und Ordner sichtbar machen

    Kannst Du auf Deinem Computer alle Dateien und Datei-Endungen sehen? Falls nein, bitte diese Einstellungen in den Ordneroptionen vornehmen.


    ===== Punkt 3 =====

    Systemscan mit OTL

    Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop.
    • Doppelklick auf die OTL.exe
    • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
    • Oben findest Du ein Kästchen mit Ausgabe.
      Wähle bitte Standard-Ausgabe
    • Unter Extra-Registrierung wähle bitte Benutze SafeList.
    • Mache Häckchen bei LOP- und Purity-Prüfung.
    • Klicke nun auf Scan links oben.



    • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
      Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
    • Poste die Logfiles in Code-Tags hier in den Thread.
    [°¿°] Ciao, Petra

    Neu hier? Bitte abarbeiten! | Malware-Bereinigung | Forenregeln
    Daten sichern! | Schulung | Kein Support per PN oder Mail! | Danke

  6. #6
    Einsteiger
    Registriert seit
    23.03.2011
    Beiträge
    17

    AW: Mozilla Firefox hängt sich auf

    Hallo Petra,

    danke für deine Rückmeldung. Hab gelesen,was während der Bereinigung zu beachten ist!

    Zu 1: Es gab keine konkreten Hinweise eines Antivirenprogramms. Im Quarantäne Ordner von Avast finden sich zwei Dateien vom November 2009:

    name: autorun.inf
    ort: F:



    Des Weiteren war nach dem Scan mit F-secure diese readme Datei auf dem Rechner zu finden:

    F-Secure antivirus quarantine directory

    This directory is intended for storing infected files and related metadata in
    a form where they cannot cause harm. Quarantined files are stored as tar
    (short for "tape archive") archives. As the quarantined files may be
    dangerous, you should not open, extract, or copy quarantine archive files.
    Quarantine should be accessed and managed through the "open quarantine" link
    in the F-Secure product user interface.

    Quarantine archive folder is protected against accidental access by file
    system access controls (systems with NTFS partition) or hidden attribute
    (FAT32).

    Das einzige was ich beobachten konnte ist, dass sich der firefox schon in der 3.6 Version öfters mal selbst beendet hat. und sich der 4.0 jetzt immer nach ein paar sekunden "freezt"

    Punkt2: Erledigt

    Punkt 3:

    Code:
    OTL logfile created on: 27.03.2011 22:57:49 - Run 1
    OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Tobstar\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
    6,00 Gb Paging File | 4,00 Gb Available in Paging File | 71,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 286,09 Gb Total Space | 203,11 Gb Free Space | 70,99% Space Free | Partition Type: NTFS
    Drive D: | 298,09 Gb Total Space | 259,46 Gb Free Space | 87,04% Space Free | Partition Type: NTFS
     
    Computer Name: TOBSTAR-PC | User Name: Tobstar | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2011.03.27 22:54:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobstar\Desktop\OTL.exe
    PRC - [2011.03.25 11:42:03 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
    PRC - [2011.03.24 09:38:34 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe
    PRC - [2011.02.23 17:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
    PRC - [2011.02.23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2011.02.18 18:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
    PRC - [2011.02.18 18:28:38 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2011.02.15 17:25:48 | 000,488,952 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
    PRC - [2011.02.15 17:25:42 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ForceField.exe
    PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe
    PRC - [2009.04.11 08:28:11 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
    PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
    PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008.10.02 02:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFCE.EXE
    PRC - [2008.06.13 07:52:52 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2008.05.09 18:55:24 | 002,555,904 | ---- | M] () -- C:\Programme\ATK Hotkey\ATKOSD.exe
    PRC - [2008.05.09 16:31:06 | 000,307,200 | ---- | M] (Packardbell) -- C:\Programme\Packardbell\EcoBtn\EcoBtn.exe
    PRC - [2008.05.08 17:03:22 | 000,233,472 | ---- | M] (ATK0100) -- C:\Programme\ATK Hotkey\HControl.exe
    PRC - [2008.05.07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008.05.07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2008.04.10 11:32:18 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
    PRC - [2008.02.04 12:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Programme\Packard Bell\SetUpMyPC\SmpSys.exe
    PRC - [2008.01.23 10:51:28 | 000,151,552 | R--- | M] () -- C:\Programme\ATK Hotkey\WDC.exe
    PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
    PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
    PRC - [2008.01.11 22:40:10 | 000,098,304 | R--- | M] () -- C:\Programme\ATK Hotkey\HControlUser.exe
    PRC - [2007.11.04 19:48:06 | 000,106,496 | R--- | M] () -- C:\Programme\ATK Hotkey\MsgTranAgt.exe
    PRC - [2007.10.02 21:53:00 | 000,094,208 | R--- | M] () -- C:\Programme\ATK Hotkey\AsLdrSrv.exe
    PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
     
     
    ========== Modules (SafeList) ==========
     
    MOD - [2011.03.27 22:54:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobstar\Desktop\OTL.exe
    MOD - [2011.02.23 17:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\snxhk.dll
    MOD - [2011.02.15 17:25:56 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
    MOD - [2009.11.18 23:05:33 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
    MOD - [2009.11.18 23:05:33 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV - File not found [Auto | Stopped] --  -- (Nero BackItUp Scheduler 4.0)
    SRV - [2011.02.23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2011.02.18 18:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2011.02.15 17:25:48 | 000,488,952 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
    SRV - [2010.11.29 11:42:56 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
    SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
    SRV - [2008.10.07 16:32:52 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008.05.07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
    SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007.10.02 21:53:00 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Programme\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
    SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
    SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV - [2011.02.23 16:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011.02.23 16:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011.02.23 16:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011.02.23 16:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011.02.23 16:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2011.02.23 16:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011.02.15 17:25:36 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV - [2010.05.15 17:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
    DRV - [2008.06.26 00:30:50 | 003,662,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
    DRV - [2008.06.10 18:35:54 | 003,839,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2008.05.29 04:28:00 | 000,146,848 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2008.05.02 07:59:40 | 000,122,368 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2008.02.15 17:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2008.01.31 12:40:10 | 000,443,904 | ---- | M] (DiBcom) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700)
    DRV - [2007.12.18 17:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
    DRV - [2007.10.01 08:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
    DRV - [2007.07.30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2007.07.30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006.12.14 09:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
    DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.packardbell.com/?id=9283
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.startup.homepage: "http://www.web.de/"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
    FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
    FF - prefs.js..extensions.enabledItems: fsonlinescanner@f-secure.com:1.01
    FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
    FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.3.3.2
    FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.265.2
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
    FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
     
    FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011.03.07 12:08:42 | 000,000,000 | ---D | M]
     
    [2009.06.06 14:09:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Extensions
    [2011.03.23 00:58:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions
    [2011.03.11 08:11:38 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2009.08.30 21:01:32 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
    [2010.12.25 11:41:16 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2011.03.12 11:42:10 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
    [2011.01.30 20:20:57 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010.11.19 11:57:38 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2011.03.23 00:58:19 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
    [2011.03.23 00:58:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\engine@conduit.com
    [2009.10.20 17:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\fsonlinescanner@f-secure.com
    [2009.11.06 00:46:46 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\moveplayer@movenetworks.com
    [2011.03.23 00:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\nostmp
    [2011.03.25 15:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
    File not found (No name found) -- 
    [2009.06.10 11:27:28 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    [2009.09.01 17:34:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
     
    O1 HOSTS File: ([2009.06.10 00:43:44 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1       localhost
    O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google\Google_BAE\BAE.dll (Packard Bell)
    O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
    O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [EPSON SX410 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE (SEIKO EPSON CORPORATION)
    O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\filehippo.com\UpdateChecker.exe (FileHippo.com)
    O4 - HKCU..\Run: [SmpcSys] C:\Programme\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
    O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll]  File not found
    O4 - Startup: C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher)
    O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{11107264-fd54-11de-b921-a1be1805b60d}\Shell\AutoRun\command - "" = 8xcrbho6.exe
    O33 - MountPoints2\{11107264-fd54-11de-b921-a1be1805b60d}\Shell\open\Command - "" = 8xcrbho6.exe
    O33 - MountPoints2\{11107269-fd54-11de-b921-a1be1805b60d}\Shell - "" = AutoRun
    O33 - MountPoints2\{11107269-fd54-11de-b921-a1be1805b60d}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\{5793a88a-5296-11de-be9e-00235414dbbc}\Shell - "" = AutoRun
    O33 - MountPoints2\{5793a88a-5296-11de-be9e-00235414dbbc}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
    O33 - MountPoints2\{dd2f4e70-07c4-11e0-96a8-0016ea594b82}\Shell - "" = AutoRun
    O33 - MountPoints2\{dd2f4e70-07c4-11e0-96a8-0016ea594b82}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{dd2f4e7d-07c4-11e0-96a8-0016ea594b82}\Shell - "" = AutoRun
    O33 - MountPoints2\{dd2f4e7d-07c4-11e0-96a8-0016ea594b82}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{edd2a3d8-279d-11e0-abde-00235414dbbc}\Shell - "" = AutoRun
    O33 - MountPoints2\{edd2a3d8-279d-11e0-abde-00235414dbbc}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2011.03.27 22:54:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Tobstar\Desktop\OTL.exe
    [2011.03.25 15:50:39 | 000,371,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2011.03.25 15:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2011.03.25 15:47:41 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
    [2011.03.25 15:47:13 | 000,000,000 | R--D | C] -- C:\Programme\Skype
    [2011.03.25 11:42:04 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2011.03.25 11:42:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011.03.25 11:42:03 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2011.03.25 11:42:03 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2011.03.25 11:42:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2011.03.25 11:42:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2011.03.25 11:42:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011.03.25 11:42:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2011.03.25 11:42:02 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011.03.25 11:42:01 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2011.03.25 11:42:00 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2011.03.25 11:41:59 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2011.03.25 11:41:59 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2011.03.25 11:41:59 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011.03.25 11:41:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2011.03.25 11:41:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2011.03.25 11:41:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2011.03.25 11:41:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2011.03.25 11:41:58 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2011.03.25 11:41:58 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011.03.25 11:41:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2011.03.25 11:41:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2011.03.25 11:41:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2011.03.25 11:41:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011.03.25 11:41:57 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011.03.25 11:41:57 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011.03.25 11:41:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2011.03.25 11:41:57 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2011.03.25 11:41:56 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2011.03.25 11:41:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011.03.25 11:41:56 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2011.03.25 11:41:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2011.03.25 11:41:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011.03.25 11:41:56 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2011.03.25 11:41:56 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2011.03.25 11:41:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011.03.25 11:41:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2011.03.25 11:41:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011.03.25 11:41:55 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2011.03.23 11:32:00 | 000,000,000 | ---D | C] -- C:\rsit
    [2011.03.23 10:15:09 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2011.03.23 10:15:08 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2011.03.22 15:40:50 | 000,000,000 | ---D | C] -- C:\Users\Tobstar\Telekom
    [2011.03.15 00:16:40 | 000,000,000 | ---D | C] -- C:\Users\Tobstar\AppData\Roaming\f-secure
    [2011.03.11 23:54:55 | 000,000,000 | ---D | C] -- C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2011.03.11 23:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2011.03.08 21:59:29 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
    [2011.03.08 21:59:29 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
    [2011.03.08 21:59:29 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
    [2011.03.08 21:59:29 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
    [2011.03.07 11:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
    [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2011.03.27 22:59:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011.03.27 22:59:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011.03.27 22:54:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobstar\Desktop\OTL.exe
    [2011.03.27 22:00:03 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Erweiterte Garantie-Tobstar.job
    [2011.03.27 22:00:02 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Tobstar.job
    [2011.03.27 11:05:13 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
    [2011.03.27 11:05:13 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011.03.27 11:05:13 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
    [2011.03.27 11:05:13 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011.03.27 10:58:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011.03.27 10:58:56 | 3220,426,752 | -HS- | M] () -- C:\hiberfil.sys
    [2011.03.27 03:20:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2011.03.26 13:16:11 | 000,146,944 | ---- | M] () -- C:\Users\Tobstar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011.03.25 15:50:39 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2011.03.25 11:57:00 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2011.03.25 11:42:17 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
    [2011.03.25 11:42:17 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
    [2011.03.25 11:42:04 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2011.03.25 11:42:03 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011.03.25 11:42:03 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2011.03.25 11:42:03 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2011.03.25 11:42:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2011.03.25 11:42:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2011.03.25 11:42:03 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011.03.25 11:42:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2011.03.25 11:42:02 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011.03.25 11:42:01 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2011.03.25 11:42:00 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2011.03.25 11:41:59 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2011.03.25 11:41:59 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2011.03.25 11:41:59 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011.03.25 11:41:59 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2011.03.25 11:41:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2011.03.25 11:41:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2011.03.25 11:41:59 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
    [2011.03.25 11:41:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2011.03.25 11:41:58 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2011.03.25 11:41:58 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011.03.25 11:41:58 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2011.03.25 11:41:58 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2011.03.25 11:41:58 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2011.03.25 11:41:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011.03.25 11:41:57 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011.03.25 11:41:57 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011.03.25 11:41:57 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2011.03.25 11:41:57 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2011.03.25 11:41:56 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2011.03.25 11:41:56 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011.03.25 11:41:56 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2011.03.25 11:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2011.03.25 11:41:56 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011.03.25 11:41:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2011.03.25 11:41:56 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2011.03.25 11:41:56 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011.03.25 11:41:56 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2011.03.25 11:41:56 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011.03.25 11:41:55 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2011.03.24 23:46:08 | 000,017,408 | ---- | M] () -- C:\Users\Tobstar\AppData\Local\WebpageIcons.db
    [2011.03.23 12:15:08 | 000,002,097 | ---- | M] () -- C:\Users\Tobstar\Desktop\hjtscanlist.zip
    [2011.03.23 11:31:41 | 000,339,991 | ---- | M] () -- C:\Users\Tobstar\Desktop\RSIT.exe
    [2011.03.07 11:44:47 | 000,421,441 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
    [2011.03.07 11:44:41 | 000,011,954 | ---- | M] () -- C:\Windows\System32\vsconfig.xml
    [2011.03.02 00:38:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2011.03.02 00:38:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2011.03.25 11:41:59 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
    [2011.03.23 12:15:07 | 000,002,097 | ---- | C] () -- C:\Users\Tobstar\Desktop\hjtscanlist.zip
    [2011.03.23 11:31:24 | 000,339,991 | ---- | C] () -- C:\Users\Tobstar\Desktop\RSIT.exe
    [2011.03.02 00:38:25 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2011.03.02 00:38:25 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2010.07.20 14:55:58 | 000,017,408 | ---- | C] () -- C:\Users\Tobstar\AppData\Local\WebpageIcons.db
    [2010.05.28 22:53:23 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
    [2010.05.28 22:53:23 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
    [2010.05.28 22:53:23 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
    [2010.05.28 22:53:23 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
    [2010.05.28 22:53:23 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
    [2010.05.28 22:53:23 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
    [2010.05.28 22:53:23 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
    [2010.05.28 22:53:23 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
    [2010.05.28 22:53:23 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
    [2010.05.28 22:53:23 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
    [2010.05.28 22:53:23 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
    [2010.05.28 22:53:23 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
    [2010.05.28 22:53:23 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
    [2010.05.28 22:53:23 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
    [2010.05.28 22:53:23 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
    [2010.05.28 22:53:23 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
    [2010.05.28 22:53:23 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
    [2010.05.28 22:53:23 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
    [2010.05.28 22:53:23 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
    [2010.05.27 17:13:50 | 000,000,680 | ---- | C] () -- C:\Users\Tobstar\AppData\Local\d3d9caps.dat
    [2010.05.12 14:19:05 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
    [2009.09.17 09:00:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2009.09.17 09:00:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009.08.10 18:43:49 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2009.08.10 18:43:48 | 000,022,328 | ---- | C] () -- C:\Users\Tobstar\AppData\Roaming\PnkBstrK.sys
    [2009.08.10 18:43:31 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
    [2009.08.10 18:43:20 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
    [2009.08.10 18:43:19 | 002,337,865 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
    [2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
    [2009.06.11 15:12:53 | 000,146,944 | ---- | C] () -- C:\Users\Tobstar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.06.10 11:30:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009.06.07 12:48:33 | 000,000,358 | ---- | C] () -- C:\Users\Tobstar\AppData\Roaming\wklnhst.dat
    [2009.06.06 16:04:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
    [2009.06.06 12:54:06 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2008.10.08 02:06:35 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
    [2008.10.08 02:06:35 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
    [2008.10.08 02:06:35 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
    [2008.10.08 02:06:35 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
    [2008.10.08 02:01:51 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
    [2008.10.08 02:01:51 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
    [2008.10.07 16:57:34 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
    [2008.10.07 16:50:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2008.10.07 16:47:15 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
    [2008.10.07 16:24:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
    [2008.07.18 07:52:14 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
    [2008.07.18 07:52:14 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2008.07.18 07:52:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
    [2008.07.18 07:52:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
    [2008.07.18 07:52:13 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2008.07.18 07:52:13 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
    [2008.04.18 06:33:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2007.04.16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
    [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006.11.02 14:47:37 | 000,306,936 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
     
    ========== LOP Check ==========
     
    [2010.08.03 01:53:05 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\CheckPoint
    [2011.03.15 00:16:40 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\f-secure
    [2011.03.27 14:14:47 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\ICQ
    [2009.06.06 16:40:34 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Packard Bell
    [2009.07.10 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Sony
    [2009.07.10 12:39:49 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Sony Setup
    [2010.12.14 23:10:17 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Telekom
    [2010.12.14 23:27:15 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Telekom Internet Manager
    [2009.06.07 12:48:34 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Template
    [2011.03.25 11:57:00 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
    [2011.03.27 22:00:03 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Erweiterte Garantie-Tobstar.job
    [2011.03.27 22:00:02 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-Tobstar.job
    [2011.03.27 03:20:51 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
     
    ========== Purity Check ==========
     
     
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 64 bytes -> C:\Users\Tobstar\13062010002.mp4:TOC.WMV
    
    < End of report >

    Die Extra.txt Datei habe ich bisher noch nicht erhalten. Das Programm hat sich jetzt zum dritten mal mit "keine Rückmeldung" verabschiedet!

  7. #7
    Einsteiger
    Registriert seit
    23.03.2011
    Beiträge
    17

    AW: Mozilla Firefox hängt sich auf

    Jetzt ging es:

    Code:
    OTL logfile created on: 27.03.2011 23:14:06 - Run 1
    OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Tobstar\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
    6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 286,09 Gb Total Space | 203,14 Gb Free Space | 71,01% Space Free | Partition Type: NTFS
    Drive D: | 298,09 Gb Total Space | 259,46 Gb Free Space | 87,04% Space Free | Partition Type: NTFS
     
    Computer Name: TOBSTAR-PC | User Name: Tobstar | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2011.03.27 22:54:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobstar\Desktop\OTL.exe
    PRC - [2011.03.25 11:42:03 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
    PRC - [2011.03.24 09:38:34 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10o_ActiveX.exe
    PRC - [2011.02.23 17:04:20 | 003,451,496 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
    PRC - [2011.02.23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
    PRC - [2011.02.18 18:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
    PRC - [2011.02.18 18:28:38 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
    PRC - [2011.02.15 17:25:48 | 000,488,952 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
    PRC - [2011.02.15 17:25:42 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\ForceField.exe
    PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe
    PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
    PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2008.10.02 02:00:00 | 000,199,680 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFCE.EXE
    PRC - [2008.06.13 07:52:52 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2008.05.09 18:55:24 | 002,555,904 | ---- | M] () -- C:\Programme\ATK Hotkey\ATKOSD.exe
    PRC - [2008.05.09 16:31:06 | 000,307,200 | ---- | M] (Packardbell) -- C:\Programme\Packardbell\EcoBtn\EcoBtn.exe
    PRC - [2008.05.08 17:03:22 | 000,233,472 | ---- | M] (ATK0100) -- C:\Programme\ATK Hotkey\HControl.exe
    PRC - [2008.05.07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2008.05.07 17:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2008.04.10 11:32:18 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
    PRC - [2008.02.04 12:13:36 | 001,038,136 | ---- | M] (Packard Bell BV) -- C:\Programme\Packard Bell\SetUpMyPC\SmpSys.exe
    PRC - [2008.01.23 10:51:28 | 000,151,552 | R--- | M] () -- C:\Programme\ATK Hotkey\WDC.exe
    PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
    PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
    PRC - [2008.01.11 22:40:10 | 000,098,304 | R--- | M] () -- C:\Programme\ATK Hotkey\HControlUser.exe
    PRC - [2007.11.04 19:48:06 | 000,106,496 | R--- | M] () -- C:\Programme\ATK Hotkey\MsgTranAgt.exe
    PRC - [2007.10.02 21:53:00 | 000,094,208 | R--- | M] () -- C:\Programme\ATK Hotkey\AsLdrSrv.exe
    PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
     
     
    ========== Modules (SafeList) ==========
     
    MOD - [2011.03.27 22:54:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobstar\Desktop\OTL.exe
    MOD - [2011.02.23 17:04:17 | 000,197,208 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\snxhk.dll
    MOD - [2011.02.15 17:25:56 | 000,640,504 | ---- | M] (Check Point Software Technologies) -- C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
    MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
    MOD - [2009.11.18 23:05:33 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll
    MOD - [2009.11.18 23:05:33 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV - File not found [Auto | Stopped] --  -- (Nero BackItUp Scheduler 4.0)
    SRV - [2011.02.23 17:04:19 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2011.02.18 18:30:32 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
    SRV - [2011.02.15 17:25:48 | 000,488,952 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
    SRV - [2010.11.29 11:42:56 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
    SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
    SRV - [2008.10.07 16:32:52 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2008.05.07 17:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
    SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007.10.02 21:53:00 | 000,094,208 | R--- | M] () [Auto | Running] -- C:\Programme\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
    SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
    SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV - [2011.02.23 16:56:55 | 000,371,544 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2011.02.23 16:56:45 | 000,301,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2011.02.23 16:55:49 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2011.02.23 16:55:10 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2011.02.23 16:55:03 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2011.02.23 16:54:55 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2011.02.15 17:25:36 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
    DRV - [2010.05.15 17:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
    DRV - [2008.06.26 00:30:50 | 003,662,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
    DRV - [2008.06.10 18:35:54 | 003,839,488 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
    DRV - [2008.05.29 04:28:00 | 000,146,848 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
    DRV - [2008.05.02 07:59:40 | 000,122,368 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
    DRV - [2008.02.15 17:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2008.01.31 12:40:10 | 000,443,904 | ---- | M] (DiBcom) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvb7700all.sys -- (mod7700)
    DRV - [2007.12.18 17:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
    DRV - [2007.10.01 08:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
    DRV - [2007.07.30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2007.07.30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2006.12.14 09:11:58 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
    DRV - [2006.11.17 10:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.packardbell.com/?id=9283
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..browser.startup.homepage: "http://www.web.de/"
    FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
    FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
    FF - prefs.js..extensions.enabledItems: fsonlinescanner@f-secure.com:1.01
    FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
    FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
    FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.3.3.2
    FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.265.2
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
    FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.97
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
    FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
    FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
     
    FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011.03.07 12:08:42 | 000,000,000 | ---D | M]
     
    [2009.06.06 14:09:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Extensions
    [2011.03.23 00:58:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions
    [2011.03.11 08:11:38 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
    [2009.08.30 21:01:32 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
    [2010.12.25 11:41:16 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
    [2011.03.12 11:42:10 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
    [2011.01.30 20:20:57 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
    [2010.11.19 11:57:38 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
    [2011.03.23 00:58:19 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
    [2011.03.23 00:58:18 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\engine@conduit.com
    [2009.10.20 17:42:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\fsonlinescanner@f-secure.com
    [2009.11.06 00:46:46 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\moveplayer@movenetworks.com
    [2011.03.23 00:57:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobstar\AppData\Roaming\mozilla\Firefox\Profiles\8sr2c0q9.default\extensions\nostmp
    [2011.03.25 15:34:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
    File not found (No name found) -- 
    [2009.06.10 11:27:28 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
    [2009.09.01 17:34:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
     
    O1 HOSTS File: ([2009.06.10 00:43:44 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1       localhost
    O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Programme\Google\Google_BAE\BAE.dll (Packard Bell)
    O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
    O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
    O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
    O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [toolbar_eula_launcher] C:\Programme\Packard Bell\GOOGLE_EULA\EULALauncher.exe ( )
    O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
    O4 - HKCU..\Run: [EPSON SX410 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE (SEIKO EPSON CORPORATION)
    O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\filehippo.com\UpdateChecker.exe (FileHippo.com)
    O4 - HKCU..\Run: [SmpcSys] C:\Programme\Packard Bell\SetUpMyPC\SmpSys.exe (Packard Bell BV)
    O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll]  File not found
    O4 - HKLM..\RunOnce: [B Register C:\Program Files\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll]  File not found
    O4 - Startup: C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O13 - gopher Prefix: missing
    O16 - DPF: {076169AA-8C3D-4CFC-AC23-3ACA88FC21B5} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher)
    O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} http://download.sp.f-secure.com/ols/f-secure-rtm/resources/fslauncher.cab (F-Secure Online Scanner Launcher)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
    O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{11107264-fd54-11de-b921-a1be1805b60d}\Shell\AutoRun\command - "" = 8xcrbho6.exe
    O33 - MountPoints2\{11107264-fd54-11de-b921-a1be1805b60d}\Shell\open\Command - "" = 8xcrbho6.exe
    O33 - MountPoints2\{11107269-fd54-11de-b921-a1be1805b60d}\Shell - "" = AutoRun
    O33 - MountPoints2\{11107269-fd54-11de-b921-a1be1805b60d}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\{5793a88a-5296-11de-be9e-00235414dbbc}\Shell - "" = AutoRun
    O33 - MountPoints2\{5793a88a-5296-11de-be9e-00235414dbbc}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
    O33 - MountPoints2\{dd2f4e70-07c4-11e0-96a8-0016ea594b82}\Shell - "" = AutoRun
    O33 - MountPoints2\{dd2f4e70-07c4-11e0-96a8-0016ea594b82}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{dd2f4e7d-07c4-11e0-96a8-0016ea594b82}\Shell - "" = AutoRun
    O33 - MountPoints2\{dd2f4e7d-07c4-11e0-96a8-0016ea594b82}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\{edd2a3d8-279d-11e0-abde-00235414dbbc}\Shell - "" = AutoRun
    O33 - MountPoints2\{edd2a3d8-279d-11e0-abde-00235414dbbc}\Shell\AutoRun\command - "" = F:\AutoRun.exe
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2011.03.27 22:54:51 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Tobstar\Desktop\OTL.exe
    [2011.03.25 15:50:39 | 000,371,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2011.03.25 15:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2011.03.25 15:47:41 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
    [2011.03.25 15:47:13 | 000,000,000 | R--D | C] -- C:\Programme\Skype
    [2011.03.25 11:42:04 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2011.03.25 11:42:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011.03.25 11:42:03 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2011.03.25 11:42:03 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2011.03.25 11:42:03 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2011.03.25 11:42:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2011.03.25 11:42:03 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011.03.25 11:42:03 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2011.03.25 11:42:02 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011.03.25 11:42:01 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2011.03.25 11:42:00 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2011.03.25 11:41:59 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2011.03.25 11:41:59 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2011.03.25 11:41:59 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011.03.25 11:41:59 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2011.03.25 11:41:59 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2011.03.25 11:41:59 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2011.03.25 11:41:59 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2011.03.25 11:41:58 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2011.03.25 11:41:58 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011.03.25 11:41:58 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2011.03.25 11:41:58 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2011.03.25 11:41:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2011.03.25 11:41:58 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011.03.25 11:41:57 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011.03.25 11:41:57 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011.03.25 11:41:57 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2011.03.25 11:41:57 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2011.03.25 11:41:56 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2011.03.25 11:41:56 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011.03.25 11:41:56 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2011.03.25 11:41:56 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2011.03.25 11:41:56 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011.03.25 11:41:56 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2011.03.25 11:41:56 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2011.03.25 11:41:56 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011.03.25 11:41:56 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2011.03.25 11:41:56 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011.03.25 11:41:55 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2011.03.23 11:32:00 | 000,000,000 | ---D | C] -- C:\rsit
    [2011.03.23 10:15:09 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
    [2011.03.23 10:15:08 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
    [2011.03.22 15:40:50 | 000,000,000 | ---D | C] -- C:\Users\Tobstar\Telekom
    [2011.03.15 00:16:40 | 000,000,000 | ---D | C] -- C:\Users\Tobstar\AppData\Roaming\f-secure
    [2011.03.11 23:54:55 | 000,000,000 | ---D | C] -- C:\Users\Tobstar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2011.03.11 23:54:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2011.03.08 21:59:29 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
    [2011.03.08 21:59:29 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
    [2011.03.08 21:59:29 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
    [2011.03.08 21:59:29 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
    [2011.03.07 11:44:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
    [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
     
    ========== Files - Modified Within 30 Days ==========
     
    [2011.03.27 22:59:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011.03.27 22:59:01 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011.03.27 22:54:51 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Tobstar\Desktop\OTL.exe
    [2011.03.27 22:00:03 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Erweiterte Garantie-Tobstar.job
    [2011.03.27 22:00:02 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\Recovery DVD Creator-Tobstar.job
    [2011.03.27 11:05:13 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
    [2011.03.27 11:05:13 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011.03.27 11:05:13 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
    [2011.03.27 11:05:13 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011.03.27 10:58:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011.03.27 10:58:56 | 3220,426,752 | -HS- | M] () -- C:\hiberfil.sys
    [2011.03.27 03:20:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
    [2011.03.26 13:16:11 | 000,146,944 | ---- | M] () -- C:\Users\Tobstar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011.03.25 15:50:39 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2011.03.25 11:57:00 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
    [2011.03.25 11:42:17 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
    [2011.03.25 11:42:17 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
    [2011.03.25 11:42:04 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
    [2011.03.25 11:42:03 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2011.03.25 11:42:03 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
    [2011.03.25 11:42:03 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2011.03.25 11:42:03 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
    [2011.03.25 11:42:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2011.03.25 11:42:03 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2011.03.25 11:42:03 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
    [2011.03.25 11:42:02 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
    [2011.03.25 11:42:01 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
    [2011.03.25 11:42:00 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
    [2011.03.25 11:41:59 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
    [2011.03.25 11:41:59 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
    [2011.03.25 11:41:59 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2011.03.25 11:41:59 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
    [2011.03.25 11:41:59 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2011.03.25 11:41:59 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2011.03.25 11:41:59 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
    [2011.03.25 11:41:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2011.03.25 11:41:58 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
    [2011.03.25 11:41:58 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2011.03.25 11:41:58 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
    [2011.03.25 11:41:58 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
    [2011.03.25 11:41:58 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
    [2011.03.25 11:41:58 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
    [2011.03.25 11:41:57 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2011.03.25 11:41:57 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2011.03.25 11:41:57 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
    [2011.03.25 11:41:57 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
    [2011.03.25 11:41:56 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2011.03.25 11:41:56 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
    [2011.03.25 11:41:56 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
    [2011.03.25 11:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
    [2011.03.25 11:41:56 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
    [2011.03.25 11:41:56 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
    [2011.03.25 11:41:56 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
    [2011.03.25 11:41:56 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2011.03.25 11:41:56 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
    [2011.03.25 11:41:56 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
    [2011.03.25 11:41:55 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
    [2011.03.24 23:46:08 | 000,017,408 | ---- | M] () -- C:\Users\Tobstar\AppData\Local\WebpageIcons.db
    [2011.03.23 12:15:08 | 000,002,097 | ---- | M] () -- C:\Users\Tobstar\Desktop\hjtscanlist.zip
    [2011.03.23 11:31:41 | 000,339,991 | ---- | M] () -- C:\Users\Tobstar\Desktop\RSIT.exe
    [2011.03.07 11:44:47 | 000,421,441 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
    [2011.03.07 11:44:41 | 000,011,954 | ---- | M] () -- C:\Windows\System32\vsconfig.xml
    [2011.03.02 00:38:25 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
    [2011.03.02 00:38:25 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
    [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
     
    ========== Files Created - No Company Name ==========
     
    [2011.03.25 11:41:59 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
    [2011.03.23 12:15:07 | 000,002,097 | ---- | C] () -- C:\Users\Tobstar\Desktop\hjtscanlist.zip
    [2011.03.23 11:31:24 | 000,339,991 | ---- | C] () -- C:\Users\Tobstar\Desktop\RSIT.exe
    [2011.03.02 00:38:25 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
    [2011.03.02 00:38:25 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
    [2010.07.20 14:55:58 | 000,017,408 | ---- | C] () -- C:\Users\Tobstar\AppData\Local\WebpageIcons.db
    [2010.05.28 22:53:23 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
    [2010.05.28 22:53:23 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
    [2010.05.28 22:53:23 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
    [2010.05.28 22:53:23 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
    [2010.05.28 22:53:23 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
    [2010.05.28 22:53:23 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
    [2010.05.28 22:53:23 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
    [2010.05.28 22:53:23 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
    [2010.05.28 22:53:23 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
    [2010.05.28 22:53:23 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
    [2010.05.28 22:53:23 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
    [2010.05.28 22:53:23 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
    [2010.05.28 22:53:23 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
    [2010.05.28 22:53:23 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
    [2010.05.28 22:53:23 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
    [2010.05.28 22:53:23 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
    [2010.05.28 22:53:23 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
    [2010.05.28 22:53:23 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
    [2010.05.28 22:53:23 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
    [2010.05.27 17:13:50 | 000,000,680 | ---- | C] () -- C:\Users\Tobstar\AppData\Local\d3d9caps.dat
    [2010.05.12 14:19:05 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
    [2009.09.17 09:00:13 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2009.09.17 09:00:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009.08.10 18:43:49 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
    [2009.08.10 18:43:48 | 000,022,328 | ---- | C] () -- C:\Users\Tobstar\AppData\Roaming\PnkBstrK.sys
    [2009.08.10 18:43:31 | 000,107,832 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
    [2009.08.10 18:43:20 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
    [2009.08.10 18:43:19 | 002,337,865 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
    [2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
    [2009.06.11 15:12:53 | 000,146,944 | ---- | C] () -- C:\Users\Tobstar\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009.06.10 11:30:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009.06.07 12:48:33 | 000,000,358 | ---- | C] () -- C:\Users\Tobstar\AppData\Roaming\wklnhst.dat
    [2009.06.06 16:04:39 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
    [2009.06.06 12:54:06 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2008.10.08 02:06:35 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
    [2008.10.08 02:06:35 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
    [2008.10.08 02:06:35 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
    [2008.10.08 02:06:35 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
    [2008.10.08 02:01:51 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
    [2008.10.08 02:01:51 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
    [2008.10.07 16:57:34 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
    [2008.10.07 16:50:33 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2008.10.07 16:47:15 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
    [2008.10.07 16:24:25 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
    [2008.07.18 07:52:14 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
    [2008.07.18 07:52:14 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
    [2008.07.18 07:52:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
    [2008.07.18 07:52:14 | 000,040,960 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
    [2008.07.18 07:52:13 | 000,174,819 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
    [2008.07.18 07:52:13 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
    [2008.04.18 06:33:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
    [2007.04.16 03:24:16 | 000,023,752 | ---- | C] () -- C:\Windows\System32\providers.bin
    [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006.11.02 14:47:37 | 000,306,936 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
    [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
    [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
    [2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
    [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
    [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
    [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
    [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
    [2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
     
    ========== LOP Check ==========
     
    [2010.08.03 01:53:05 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\CheckPoint
    [2011.03.15 00:16:40 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\f-secure
    [2011.03.27 14:14:47 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\ICQ
    [2009.06.06 16:40:34 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Packard Bell
    [2009.07.10 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Sony
    [2009.07.10 12:39:49 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Sony Setup
    [2010.12.14 23:10:17 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Telekom
    [2010.12.14 23:27:15 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Telekom Internet Manager
    [2009.06.07 12:48:34 | 000,000,000 | ---D | M] -- C:\Users\Tobstar\AppData\Roaming\Template
    [2011.03.25 11:57:00 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
    [2011.03.27 22:00:03 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Erweiterte Garantie-Tobstar.job
    [2011.03.27 22:00:02 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\Recovery DVD Creator-Tobstar.job
    [2011.03.27 03:20:51 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
     
    ========== Purity Check ==========
     
     
     
    ========== Alternate Data Streams ==========
     
    @Alternate Data Stream - 64 bytes -> C:\Users\Tobstar\13062010002.mp4:TOC.WMV
    
    < End of report >
    und

    Code:
    OTL Extras logfile created on: 27.03.2011 23:14:06 - Run 1
    OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Tobstar\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 51,00% Memory free
    6,00 Gb Paging File | 4,00 Gb Available in Paging File | 70,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 286,09 Gb Total Space | 203,14 Gb Free Space | 71,01% Space Free | Partition Type: NTFS
    Drive D: | 298,09 Gb Total Space | 259,46 Gb Free Space | 87,04% Space Free | Partition Type: NTFS
     
    Computer Name: TOBSTAR-PC | User Name: Tobstar | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
     
    ========== Shell Spawning ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    ========== Security Center Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
    "UacDisableNotify" = 0
    "InternetSettingsDisableNotify" = 0
    "AutoUpdateDisableNotify" = 0
    "FirewallDisableNotify" = 0
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    "DisableMonitoring" = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring" = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    "DisableMonitoring" = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 1
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    ========== System Restore Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 0
    "DisableNotifications" = 0
     
    ========== Authorized Applications List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{CB6EECBE-3006-40C9-9E1A-A7E66ABF36E9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0AEADFA8-5680-458A-B938-EACEAB0161AE}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
    "{18B54933-93D4-4585-B330-A279418FA55E}" = protocol=6 | dir=in | app=d:\games\strongholdlegends.exe | 
    "{1B63F06A-B8E3-4FFE-8857-E4585F11B723}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
    "{24B88C21-6078-46DF-ADD5-829D649A738B}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
    "{39338F2A-D875-45AE-8E18-67DA89B3E075}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
    "{3B1956BD-BAFA-4055-BE27-675C3D4DC0F5}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe | 
    "{3C5F0AC7-03E0-4E44-AA99-6A07589F167C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
    "{3F2E1BAF-4854-430E-B4F1-2A702060B0D2}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
    "{4244A964-FA92-447E-911C-62EC12BABE80}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
    "{4AC645DD-106C-41CF-B242-9B92614DF050}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
    "{55E0B92B-45DC-4002-8F89-E456E2B00F40}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | 
    "{5FA28B64-784C-4D0F-BE3C-7CBE5142DEC9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
    "{662AEFF0-B33F-4CBA-95FE-7250CF1A7E4F}" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
    "{6F9E5036-891A-4304-9301-E471E9ECC40F}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe | 
    "{8692C64F-C9F1-41FA-95FC-CE60059917DE}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
    "{873DE2B5-82DF-4E5D-B544-105276C0371B}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
    "{8DA5D3DF-F5DD-4611-AB69-96715EE94638}" = protocol=17 | dir=in | app=d:\games\binaries\r6vegas2_game.exe | 
    "{95617786-A692-4128-B66B-273781F9A5A1}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
    "{97EC3E4C-9E7D-417F-B242-8990945CE627}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
    "{A0187FF0-2C74-40C3-9205-2794AE02CC56}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
    "{AE94D57C-7345-4EC7-8845-600D62893D8E}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
    "{B161D1B6-AA69-4436-930B-8CAF792E8DDA}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
    "{B218876E-8D56-4BAC-8470-FEBC3ADE98FB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
    "{B79754BD-995A-4287-9864-2DD12E0D4E23}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
    "{C10A8B14-E5AC-477B-927B-219F115C4D79}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
    "{C19D0F0C-A1B2-4878-B5ED-E3DC625DF5AF}" = protocol=17 | dir=in | app=d:\games\strongholdlegends.exe | 
    "{C9E45C7A-CCB8-4FC8-A060-275BC0662394}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
    "{CC1CDF13-7322-4AE1-B2A3-7A5220344413}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
    "{CFED62AF-35D2-4310-BB6A-CA733F5D9384}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | 
    "{E3D80A26-1E78-46FC-8F29-D39003E26333}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe | 
    "{E5B88F27-F696-4B9F-869F-2688884F14E8}" = protocol=17 | dir=in | app=d:\games\binaries\r6vegas2_launcher.exe | 
    "{E76464EF-EB38-4110-8E35-3F275F21A32E}" = protocol=6 | dir=in | app=d:\games\binaries\r6vegas2_game.exe | 
    "{EF04E95A-CB81-4EEB-B789-25C6FCEE0329}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe | 
    "{F048E0A0-C86B-4241-BE40-5F03D2588AE8}" = protocol=6 | dir=in | app=d:\games\binaries\r6vegas2_launcher.exe | 
    "{F1FB3CFB-4E33-4326-B39C-96BCBBBF2020}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe | 
    "{FEE68A23-B5CA-41D6-A8EE-B3A2BAAC5A6C}" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
    "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
    "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
    "{096EB4FC-E110-8426-4295-CE869349527C}" = Catalyst Control Center Localization Turkish
    "{0C7D5C27-49E4-3273-5B83-EE608FFD7FA8}" = Catalyst Control Center Localization Swedish
    "{0D37C7F0-2C9B-692C-4657-3A1BDD9F67C8}" = CCC Help French
    "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
    "{11D9CBD3-17FF-1456-47DA-0817FD09816B}" = CCC Help Spanish
    "{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
    "{18C8C1F6-A36A-A42E-1FB2-D9B3ECF538AD}" = CCC Help Finnish
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
    "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 24
    "{28F332E8-7A90-512B-E222-67013949139E}" = ccc-utility
    "{29A1D086-A174-485A-1577-ED3E98CEB391}" = Catalyst Control Center Localization Polish
    "{29DCE677-70BB-A83C-F7B3-D2E5C31748B9}" = CCC Help Russian
    "{2A1598E3-4CB4-545A-A824-F7921E31167E}" = Catalyst Control Center Localization Greek
    "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
    "{32EC3CBE-4A4A-2BB7-2BB6-F5A49902A6EE}" = Skins
    "{336DA7E1-35FC-67C7-2A6A-1E048D661B35}" = Catalyst Control Center Localization Dutch
    "{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
    "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
    "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
    "{3BDAD4E1-5A70-E9BF-CA71-05C9DA49040B}" = CCC Help Hungarian
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
    "{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
    "{4583D057-A120-6B48-7BCE-FDFC86556C4C}" = Catalyst Control Center Localization Czech
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4C5D72D0-CDFE-3952-C813-FA2F52FB2C87}" = CCC Help Greek
    "{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
    "{4F5D7C1B-6CB0-F45C-F83E-A1FC98FA2C0B}" = CCC Help Italian
    "{5178758D-BAF8-40BE-BC10-8D9EAE57273F}" = Media Go
    "{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
    "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
    "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.2
    "{54E77B08-4375-4584-7363-ECE88A784013}" = Catalyst Control Center Localization German
    "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
    "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
    "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
    "{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
    "{61A55572-0E51-F389-583C-55EBAA4ED575}" = CCC Help Japanese
    "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{66433C66-28B6-7E2B-9B77-66D10E5E055F}" = CCC Help Polish
    "{66A405D2-BA14-4594-BF36-B3B544F0754E}" = Stronghold Legends
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6AB9A96D-C554-E68F-FD7A-8991C99AA497}" = Catalyst Control Center Graphics Previews Vista
    "{6CF61AF4-F808-9114-E34A-72831AC7660E}" = CCC Help English
    "{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
    "{72EABC0D-94EB-E569-877E-7BC634A67F0D}" = Catalyst Control Center Localization Russian
    "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
    "{7DBCD0B0-F5E1-4072-9B68-EBF32B322756}" = Packardbell_EcoBtn
    "{81042C93-7A00-71BC-51E9-768A6F849DA2}" = CCC Help Czech
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
    "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
    "{86520F07-CEA2-5681-39CA-DF844C659E16}" = CCC Help Swedish
    "{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8D4BD33B-0429-A9D3-B4B8-68D956F8EE95}" = Catalyst Control Center Localization Chinese Traditional
    "{8E50189D-A1B3-3929-5D2F-EC405F7C8A3D}" = CCC Help Chinese Standard
    "{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
    "{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
    "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
    "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
    "{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
    "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
    "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
    "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
    "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
    "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
    "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
    "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{980B9958-1239-4FC5-8C88-AC5650321031}" = Nero 8 Essentials
    "{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9D38CCB7-DE05-A447-8651-8231BC2656BC}" = Catalyst Control Center Graphics Full New
    "{9D77BA02-5C15-BA02-B338-FA9351D4140D}" = CCC Help Turkish
    "{9E18CB28-70FE-F6F6-9ED9-A661FF87C1AB}" = ccc-core-static
    "{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
    "{A5D74142-6C1B-5CE3-0D76-A41504FBDC47}" = CCC Help Danish
    "{AA7D6DB6-9D3F-4CB9-31C0-B4794E0D75D5}" = Catalyst Control Center Localization Danish
    "{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
    "{AB75B59E-07C8-084F-5C7F-E3567ABB4248}" = Catalyst Control Center Localization Japanese
    "{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
    "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
    "{ae4e065b-8296-49ed-9519-acd883e61e14}" = Nero 9 Lite
    "{AE6370D7-4926-E5C2-705C-9B98B4600C09}" = CCC Help German
    "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
    "{B1DA213E-4EE2-19F4-277E-81C0E0487076}" = CCC Help Chinese Traditional
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B85A4462-E53C-932E-42EF-2506755EC9A1}" = Catalyst Control Center Localization Thai
    "{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}" = PlayStation(R)Network Downloader
    "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
    "{BE426BC1-F401-1E0A-1334-FED883491077}" = Catalyst Control Center InstallProxy
    "{BEDB89F5-DF1A-D1E3-A99F-8E64C3BFB934}" = CCC Help Korean
    "{BFD373DA-A54D-C040-AD6C-3A1A7FFDA880}" = Catalyst Control Center Localization Italian
    "{C3E314F1-A53F-D3D7-D7C2-7D0345D6C5D6}" = Catalyst Control Center Graphics Previews Common
    "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
    "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
    "{CBCF8E27-A027-CBBD-0F01-58DB1D0E8CF1}" = Catalyst Control Center Localization Chinese Standard
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{CE560B9B-2991-FE0A-3A78-E053CF94B3DC}" = Catalyst Control Center Localization Norwegian
    "{CEE5F860-7FAB-80D0-E7CF-022C18B95E25}" = ATI Catalyst Install Manager
    "{CF5E038B-B6FF-A325-A448-1A02AF57340A}" = CCC Help Portuguese
    "{D1F23CD0-D2B0-FEA3-E015-2F50BC64B1F4}" = Catalyst Control Center Graphics Full Existing
    "{D3224046-1642-9CA4-0908-86EA5F76EBDC}" = Catalyst Control Center Localization Portuguese
    "{D359B12F-9B1A-46FD-B70C-F507B5B11590}" = HDRegDE
    "{d59bf824-cec3-464d-82f5-641b41091ed8}" = Nero 9 Essentials
    "{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
    "{D700ADD4-F389-3EE6-9B9E-2EEFF23B68A2}" = Catalyst Control Center Localization French
    "{D7DACC88-5011-78D1-5AB8-8967AC37C190}" = Catalyst Control Center Localization Hungarian
    "{DA96BC7A-8208-73CB-CDFB-6B07CC6033D5}" = Catalyst Control Center Localization Finnish
    "{DB1384E7-B98E-7482-4FF5-401A8F852D84}" = CCC Help Thai
    "{E1B05228-9CC4-2702-E106-76D70B4BDDFA}" = Catalyst Control Center Core Implementation
    "{E1EC5742-3B54-3E4A-3EEA-DA779ED38FE1}" = CCC Help Norwegian
    "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
    "{E3A5DDF7-17BD-43F1-9EBA-BB136EEB17DC}" = Catalyst Control Center - Branding
    "{E635F30D-FA08-C46B-0BB8-903A1EA04342}" = Catalyst Control Center Graphics Light
    "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
    "{EC977620-330D-EC0B-A937-EEFF183AE912}" = CCC Help Dutch
    "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
    "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
    "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
    "{F596720A-C838-3830-703A-5B3906E277AB}" = Catalyst Control Center Localization Korean
    "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "{F99A4B91-B160-B60D-876E-0CF895E15E06}" = Catalyst Control Center Localization Spanish
    "{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "AdobePE6" = Adobe Photoshop Elements 6
    "AdobeReader" = Adobe Reader 8
    "ATKHotkey" = ATK Hotkey UTILITY V1.00.0037
    "AUDIO" = Realtek High Definition Audio Driver V6.0.1.5643
    "avast" = avast! Free Antivirus
    "Bluetooth" = WIDCOMM Bluetooth Software pack V5.2.0.500
    "CAMERA" = USB 2.0 1.3M UVC WebCam Camera driver V61.005.029.190
    "Carbonite" = Carbonite
    "Carbonite Setup Lite" = Sichern Sie Ihre Daten
    "CCleaner" = CCleaner
    "CIR" = ITECIR Vista Driver V5.0.4.6
    "CutePDF Writer Installation" = CutePDF Writer 2.8
    "EcoButton" = Packardbell EcoButton UTILITY V1.00.01
    "EPSON Scanner" = EPSON Scan
    "Epson Stylus SX210_SX410_TX210_TX410 Benutzerhandbuch" = Epson Stylus SX210_SX410_TX210_TX410 Handbuch
    "EPSON SX410 Series" = EPSON SX410 Series Printer Uninstall
    "filehippo.com" = FileHippo.com Update Checker
    "GoogleBAE" = Google BAE
    "GoogleToolbar" = Google Toolbar
    "Hattrick Organizer" = Hattrick Organizer (remove only)
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "ImageWriter" = Packard Bell ImageWriter
    "IMSM" = Intel(R) Matrix Storage Manager V8.2.0.1001
    "Infocentre" = Infocentre Rev. 2.0.0.1
    "InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
    "LAN" = Realtek PCI-E Gigabit Ethernet Driver V6.206.0502.2008
    "LCDTest" = Packard Bell LCD Test
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
    "METABOLI" = Metaboli
    "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
    "Nero8" = Nero 8 Essentials
    "OFF2k7_GE" = Microsoft® Office 2007
    "PunkBusterSvc" = PunkBuster Services
    "RICOH" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
    "SETUPMYPC_DE" = SetUp My PC
    "SKYPE" = Skype 3.6.2.248
    "ST6UNST #1" = Visual Basic 6.0 Runtime&Steuerelemente
    "STANDARD" = Microsoft Office Standard 2007
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "TOUCHPAD" = Synaptics Pointing Device driver Ver11.0.4.0
    "Updator" = Packard Bell Updator
    "USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
    "VGA" = ATI Display Driver V8.510.0.0000
    "VLC media player" = VLC media player 1.0.0-rc4
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinRAR archiver" = WinRAR 4.00 (32-bit)
    "WLAN" = Intel Wireless WiFi Link Adapters Ver12.0.0.82
    "works9" = Microsoft Works 9
    "X10Hardware" = X10 Hardware(TM)
    "Zattoo" = Zattoo 3.3.4 Beta
    "Zattoo4" = Zattoo4 4.0.5
    "ZoneAlarm" = ZoneAlarm
    "ZoneAlarm Toolbar" = ZoneAlarm Toolbar
     
    ========== HKEY_CURRENT_USER Uninstall List ==========
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8
     
    ========== Last 10 Event Log Errors ==========
     
    [ Antivirus Events ]
    Error - 09.06.2009 05:33:04 | Computer Name = Tobstar-PC | Source = avast! | ID = 33554522
    Description = 
     
    [ Application Events ]
    Error - 26.03.2011 04:49:00 | Computer Name = Tobstar-PC | Source = WinMgmt | ID = 10
    Description = 
     
    Error - 26.03.2011 07:02:45 | Computer Name = Tobstar-PC | Source = WinMgmt | ID = 10
    Description = 
     
    Error - 26.03.2011 10:57:15 | Computer Name = Tobstar-PC | Source = EventSystem | ID = 4621
    Description = 
     
    Error - 26.03.2011 16:01:24 | Computer Name = Tobstar-PC | Source = WinMgmt | ID = 10
    Description = 
     
    Error - 26.03.2011 17:49:53 | Computer Name = Tobstar-PC | Source = WinMgmt | ID = 10
    Description = 
     
    Error - 26.03.2011 21:20:45 | Computer Name = Tobstar-PC | Source = EventSystem | ID = 4621
    Description = 
     
    Error - 27.03.2011 05:00:29 | Computer Name = Tobstar-PC | Source = WinMgmt | ID = 10
    Description = 
     
    Error - 27.03.2011 08:18:08 | Computer Name = Tobstar-PC | Source = Application Error | ID = 1000
    Description = Fehlerhafte Anwendung SearchIndexer.exe, Version 7.0.6002.18005, Zeitstempel
     0x49e02459, fehlerhaftes Modul TQUERY.DLL, Version 7.0.6002.18005, Zeitstempel 
    0x49e0382e, Ausnahmecode 0xc0000005, Fehleroffset 0x000b1f69,  Prozess-ID 0xc8c, Anwendungsstartzeit
     01cbec5d42cbdfb5.
     
    Error - 27.03.2011 16:57:27 | Computer Name = Tobstar-PC | Source = Application Hang | ID = 1002
    Description = Programm OTL.exe, Version 3.2.22.3 arbeitet nicht mehr mit Windows
     zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
     für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
     zu suchen.  Prozess-ID: 1558  Anfangszeit: 01cbecc15e999615  Zeitpunkt der Beendigung:
     15
     
    Error - 27.03.2011 17:13:45 | Computer Name = Tobstar-PC | Source = Application Hang | ID = 1002
    Description = Programm OTL.exe, Version 3.2.22.3 arbeitet nicht mehr mit Windows
     zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
     für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
     zu suchen.  Prozess-ID: 14dc  Anfangszeit: 01cbecc19ddd4ba5  Zeitpunkt der Beendigung:
     47
     
    [ OSession Events ]
    Error - 13.07.2010 17:04:34 | Computer Name = Tobstar-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
     12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5468
     seconds with 4620 seconds of active time.  This session ended with a crash.
     
    [ System Events ]
    Error - 26.03.2011 16:01:24 | Computer Name = Tobstar-PC | Source = Service Control Manager | ID = 7000
    Description = 
     
    Error - 26.03.2011 16:01:43 | Computer Name = Tobstar-PC | Source = Service Control Manager | ID = 7026
    Description = 
     
    Error - 26.03.2011 17:48:35 | Computer Name = Tobstar-PC | Source = EventLog | ID = 6008
    Description = Das System wurde zuvor am 26.03.2011 um 22:47:00 unerwartet heruntergefahren.
     
    Error - 26.03.2011 17:48:42 | Computer Name = Tobstar-PC | Source = Dhcpv6 | ID = 1008
    Description = Die Netzwerkschnittstelle, die mit diesem System verbunden ist, konnte
     nicht initialisiert werden. Fehlercode: %%5.
     
    Error - 26.03.2011 17:49:53 | Computer Name = Tobstar-PC | Source = Service Control Manager | ID = 7000
    Description = 
     
    Error - 26.03.2011 17:50:35 | Computer Name = Tobstar-PC | Source = Service Control Manager | ID = 7026
    Description = 
     
    Error - 27.03.2011 04:59:03 | Computer Name = Tobstar-PC | Source = Dhcpv6 | ID = 1008
    Description = Die Netzwerkschnittstelle, die mit diesem System verbunden ist, konnte
     nicht initialisiert werden. Fehlercode: %%5.
     
    Error - 27.03.2011 05:00:30 | Computer Name = Tobstar-PC | Source = Service Control Manager | ID = 7000
    Description = 
     
    Error - 27.03.2011 05:00:45 | Computer Name = Tobstar-PC | Source = Service Control Manager | ID = 7026
    Description = 
     
    Error - 27.03.2011 08:19:01 | Computer Name = Tobstar-PC | Source = Service Control Manager | ID = 7031
    Description = 
     
     
    < End of report >

  8. #8
    Administrator Team-Mitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    42.643

    AW: Mozilla Firefox hängt sich auf

    ===== Punkt 1 =====

    2. Habe immer mal wieder den f-secure-onlinescanner über den Rechner laufen lassen. Seit einer Woche zeigt er täglich 2,3 infizierte Dateien an. Gestern abend dann 6.
    Ich würde gerne wissen, welche Funde genau da gemacht wurden, also Dateipfad und Art der gefundenen Infektion. Kannst Du Dich da noch an Details erinnern? War da z. B. eine 8xcrbho6.exe dabei? Schaue mal, ob Du unter C:\Users\Tobstar\AppData\Roaming\f-secure noch Details in Logfiles finden kannst.


    ===== Punkt 2 =====

    Was sind Deine Laufwerke I und F?


    ===== Punkt 3 =====

    Seit wann ist ZoneAlarm installiert?


    ===== Punkt 4 =====

    Firefox ganz neu installieren
    • 1. Firefox 4 herunterladen.
    • 2. Speichere Deine Lesezeichen wie folgt:
      Firefox starten => Lesezeichen => Lesezeichen verwalten
      Importieren und Backup => Backup
      speichere die Lesezeichen<Datum>.json auf Deinem Desktop.
    • 3. Firefox über Systemsteuerung => Software deinstallieren.
    • 4. Suche nach Firefox-Ordnern in Dokumente und Einstellungen (bei Vista und Windows 7 suche in Benutzer) und lösche diese manuell.
      Dabei gehen zwar auch alle Addons und Plugins verloren, aber die kannst Du ja wieder neu installieren.
      Falls Du Dokumente und Einstellungen nicht siehst, sind die Ordner noch versteckt, mache sie sichtbar.
    • 5. Mit dem CCleaner die Registry bereinigen und temp. Dateien löschen.
    • 6. Rechner neu starten.
    • 7. Firefox erneut installieren.
    • 8. Berichten, ob das Problem behoben ist.
    Geändert von Petra (28.03.2011 um 01:08 Uhr)
    [°¿°] Ciao, Petra

    Neu hier? Bitte abarbeiten! | Malware-Bereinigung | Forenregeln
    Daten sichern! | Schulung | Kein Support per PN oder Mail! | Danke

  9. #9
    Einsteiger
    Registriert seit
    23.03.2011
    Beiträge
    17

    AW: Mozilla Firefox hängt sich auf

    1. Also der f-secure ordner ist leer. Kein Inhalt drin. Soll ich nochmal einen neuen F-secure scan machen?
    2. I ist auf jeden Fall eines der USB Laufwerke. F: Ehrlich gesagt keine Ahnung. Vielleicht mal ne extern angeschlossene Festplatte. Oder wie krieg ich noch raus, was es sein könnte?
    3. Seit Sommer 2009.
    4.Gemacht: Firefox "friert" wieder ein, d.h. ich kann das Bild nicht verkleinern und keine Felder anwäheln. Wenn ichs dann über den Task-Manager (dort steht übrigens nichts von "keine Rückmeldung" )beende, heißt es: "das Programm kann nicht beendet werden, da eine Antwort von Ihnen erwartet wird"

  10. #10
    Administrator Team-Mitglied Avatar von Petra
    Registriert seit
    03.05.2007
    Ort
    Nähe Düsseldorf
    Beiträge
    42.643

    AW: Mozilla Firefox hängt sich auf

    nein, mache bitte folgendes:

    Malware mit Combofix beseitigen

    Lade Combofix von einem der folgenden Download-Spiegel herunter:

    BleepingComputer.com - ForoSpyware.com

    und speichere das Programm auf den Desktop, nicht woanders hin, das ist wichtig!
    Beachte die ausführliche Original-Anleitung.

    Zurzeit ist Combofix auf folgenden Windows-Versionen lauffähig:
    list][*]Windows XP (nur 32-bit)[*] Windows 2000 (nur 32-bit)[*]Windows Vista (32-bit/64-bit)[*] Windows 7 (32-bit/64-bit)[/list]

    Vorbereitung und wichtige Hinweise
    • Bitte während des Scans mit Combofix Antiviren- sowie Antispy-Programme, die Firewall und evtl. vorhandenes Skript-Blocking (Norton) deaktivieren.
    • Liste der zu deaktivierenden Programme.
      Bei Unklarheiten bitte vorher fragen.
    • Bitte während des Laufs von Combofix nicht in das Combofix-Fenster klicken.
    • Das könnte Dein System einfrieren oder hängen bleiben lassen.
    • Es kann circa eine Viertelstunde dauern, bis der Scan fertig ist.
    • ComboFix wird Deine Einstellungen in Bezug auf den Bildschirmschoner zurücksetzen.
    • Diese Einstellungen kannst Du nach Beendigung unserer Bereinigung wieder ändern.
    • Mache nichts anderes, wenn es Dir nicht gelungen ist, Combofix laufen zu lassen.
    • Teile uns das mit und warte auf unsere Anweisungen.


    Kurzanleitung zur Installation der Wiederherstellungskonsole unter XP
    • Doppelklicke auf die ComboFix.exe und folge den Anweisungen.
    • Akzeptiere die Bedingungen (Disclaimer) mit "Ja".
    • ComboFix wird schauen, ob die Microsoft-Windows-Wiederherstellungskonsole installiert ist.
      Dies ist Teil des Prozesses. Angesichts der Art von Malware Infizierungen, die es heute gibt, wird dringend empfohlen, diese Wiederherstellungskonsole auf dem PC installiert zu haben, bevor jegliche Reinigung von Malware durchgeführt wird.
    • Folge den Anweisungen, um ComboFix das Herunterladen und Installieren der Wiederherstellungskonsole zu ermöglichen und stimme dem Lizenzvertrag (EULA) zu, sobald Du dazu aufgefordert wirst.

    ** Zur Information: Sollte die Wiederherstellungskonsole schon installiert sein, so wird ComboFix seine Malware-Entfernungsprozedur normal fortfahren.



    Sobald die Wiederherstellungskonsole durch ComboFix installiert wurde, solltest Du folgende Nachricht sehen:



    Klicke "Ja", um mit dem Suchlauf nach Malware fortzufahren.



    Wenn ComboFix fertig ist, wird es ein Log erstellen (bitte warten, das dauert einen Moment).
    Unbedingt warten, bis sich das Combofix-Fenster geschlossen hat und das Logfile im Editor erscheint.
    Bitte poste die Log-Dateien C:\ComboFix.txt und C:\Qoobox\Add-Remove Programs.txt in Code-Tags hier in den Thread.

    Hinweis: Combofix macht aus verschiedenen Gründen den Internet Explorer zum Standard-Browser und erstellt ein IE-Icon auf dem Desktop.
    Das IE-Desktop-Icon kannst Du nach der Bereinigung wieder löschen und Deinen bevorzugten Browser wieder als Standard-Browser einstellen.

    Combofix nicht auf eigene Faust einsetzen. Wenn keine entsprechende Infektion vorliegt, kann das den Rechner lahmlegen und/oder nachhaltig schädigen!
    [°¿°] Ciao, Petra

    Neu hier? Bitte abarbeiten! | Malware-Bereinigung | Forenregeln
    Daten sichern! | Schulung | Kein Support per PN oder Mail! | Danke

Seite 1 von 3 123 LetzteLetzte

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. Antworten: 3
    Letzter Beitrag: 26.07.2010, 10:19
  2. Firefox hängt sich auf
    Von Train1990 im Forum Archiv
    Antworten: 2
    Letzter Beitrag: 06.01.2010, 12:01
  3. Firefox hängt sich ständig auf -.-
    Von Death River im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 20.11.2007, 14:49
  4. Firefox hängt sich gerne auf
    Von schokasd im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 10.10.2007, 18:52
  5. firefox hängt sich ständig auf
    Von sioux im Forum Archiv
    Antworten: 6
    Letzter Beitrag: 23.07.2007, 16:02

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •