Firefox and IE crash with a blue screen

This thread, "Firefox and IE crash with a blue screen", in the forum "Viruses, Trojans, Spyware etc." was created by audipaule, 15 Apr. 2010.


  1. Since today my PC crashes with a blue screen as soon as I start Firefox or IE. With the SeaMonkey and Opera browsers there are no such problems. I already tried to use System Restore, but it fails. Yesterday everything was still running perfectly. I have not downloaded or installed any new programs. Only updates from Windows and from Adobe Reader 9 were installed. The operating system is Windows 7 with all updates. My virus scanner (Norton 360 Online 4.0) only found and removed a few tracking cookies. I downloaded HijackThis and created a log file:

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:28:48, on 15.04.2010
    Platform: Unknown Windows (WinNT 6.01.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal
    
    Running processes:
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Windows\PixArt\PAC207\Monitor.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\IncrediMail\Bin\IncMail.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\IncrediMail\Bin\ImApp.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-online.de/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.1.0.32\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.1.0.32\IPSBHO.DLL
    O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
    O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.1.0.32\coIEPlg.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe -atboottime
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User->LOKALER DIENST')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User->LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User->NETZWERKDIENST')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User->NETZWERKDIENST')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
    O9 - Extra->Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
    O13 - Gopher Prefix: 
    O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{730DA634-9C14-488F-86F4-81CCB8CFD1B0}: NameServer = 217.0.43.177 217.0.43.161
    O17 - HKLM\System\CS1\Services\Tcpip\..\{730DA634-9C14-488F-86F4-81CCB8CFD1B0}: NameServer = 217.0.43.177 217.0.43.161
    O17 - HKLM\System\CS2\Services\Tcpip\..\{730DA634-9C14-488F-86F4-81CCB8CFD1B0}: NameServer = 217.0.43.177 217.0.43.161
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe
    O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
    O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    
    --
    End of file - 7130 bytes
    I hope someone can help me. I'm really at a complete loss. :-\
     
  2. What is the error message?

     
  3. I have set it up that way. However, I managed to restore the system using the WIN 7 CD and the recovery console. Since then the blue screen has not reappeared. As soon as it occurs again, I will report back here and post the exact error message.
     
  4. So, today I start Firefox and then the following message from Norton comes up:

    [​IMG]

    That also came up a few days before the blue screens happened to me. I did not download the file. What the heck is that? ???
     
  5. Code:
    GMER 1.0.15.15281 - http://www.gmer.net
    Rootkit scan 2010-04-16 21:58:36
    Windows 6.1.7600 
    Running: 6j54eodb.exe; Driver: C:\Users\JRG~1\AppData\Local\Temp\axlcypod.sys
    
    
    ---- System - GMER 1.0.15 ----
    
    SSDT      C4043428                                                             ZwAlertResumeThread
    SSDT      C40434E8                                                             ZwAlertThread
    SSDT      C4043BA0                                                             ZwAllocateVirtualMemory
    SSDT      C3DBCC48                                                             ZwAlpcConnectPort
    SSDT      C4044938                                                             ZwAssignProcessToJobObject
    SSDT      C4044E00                                                             ZwCreateMutant
    SSDT      C40446B8                                                             ZwCreateSymbolicLinkObject
    SSDT      C4041468                                                             ZwCreateThread
    SSDT      C4044788                                                             ZwCreateThreadEx
    SSDT      C40449F8                                                             ZwDebugActiveProcess
    SSDT      C4042550                                                             ZwDuplicateObject
    SSDT      C4043A00                                                             ZwFreeVirtualMemory
    SSDT      C4044ED0                                                             ZwImpersonateAnonymousToken
    SSDT      C4044F90                                                             ZwImpersonateThread
    SSDT      C3E6C0C8                                                             ZwLoadDriver
    SSDT      C4043920                                                             ZwMapViewOfSection
    SSDT      C4044D40                                                             ZwOpenEvent
    SSDT      C40426F0                                                             ZwOpenProcess
    SSDT      C3F4E048                                                             ZwOpenProcessToken
    SSDT      C4044BC0                                                             ZwOpenSection
    SSDT      C4042620                                                             ZwOpenThread
    SSDT      C4044868                                                             ZwProtectVirtualMemory
    SSDT      C4CE8E58                                                             ZwResumeThread
    SSDT      C415AE50                                                             ZwSetContextThread
    SSDT      C40437C8                                                             ZwSetInformationProcess
    SSDT      C4044AB8                                                             ZwSetSystemInformation
    SSDT      C4044C80                                                             ZwSuspendProcess
    SSDT      C4CE6210                                                             ZwSuspendThread
    SSDT      C404C0F0                                                             ZwTerminateProcess
    SSDT      C4CE4048                                                             ZwTerminateThread
    SSDT      C4110E50                                                             ZwUnmapViewOfSection
    SSDT      C4043AD0                                                             ZwWriteVirtualMemory
    
    INT 0x1F    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E3043AF8
    INT 0x37    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E3043104
    INT 0x51    ?                                                                 C31FCA58
    INT 0x62    ?                                                                 C4F1EA58
    INT 0x72    ?                                                                 C4F1ECD8
    INT 0x82    ?                                                                 C31FC058
    INT 0x92    ?                                                                 C31FC2D8
    INT 0xA2    ?                                                                 C31FC558
    INT 0xB0    ?                                                                 C4F1E2D8
    INT 0xB1    ?                                                                 C31FCCD8
    INT 0xB2    ?                                                                 C31FC7D8
    INT 0xC1    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E30433F4
    INT 0xD1    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E302B634
    INT 0xD2    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E302B898
    INT 0xDF    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E30431DC
    INT 0xE1    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E3043958
    INT 0xE3    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E30436F8
    INT 0xFD    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E3043F2C
    INT 0xFE    \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)                     E30441A8
    
    Code      \??\C:\Windows\system32\drivers\pci0htwl.sys                                           ZwResumeThread [0xD1878F4E]
    
    ---- Kernel code sections - GMER 1.0.15 ----
    
    .text      ntkrnlpa.exe!ZwSaveKeyEx + 13AD                                                  E2C5C599 1 Byte [06]
    .text      ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                              E2C80F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    .text      ntkrnlpa.exe!RtlSidHashLookup + 224                                                E2C88734 8 Bytes [28, 34, 04, C4, E8, 34, 04, ...]
    .text      ntkrnlpa.exe!RtlSidHashLookup + 23C                                                E2C8874C 4 Bytes [A0, 3B, 04, C4]
    .text      ntkrnlpa.exe!RtlSidHashLookup + 248                                                E2C88758 4 Bytes [48, CC, DB, C3] {DEC EAX; INT 3 ; FCMOVNB ST, ST(3)}
    .text      ntkrnlpa.exe!RtlSidHashLookup + 29C                                                E2C887AC 4 Bytes [38, 49, 04, C4]
    .text      ntkrnlpa.exe!RtlSidHashLookup + 318                                                E2C88828 4 Bytes [00, 4E, 04, C4]
    .text      ...                                                                
    PAGE      ntkrnlpa.exe!ZwResumeThread                                                    E2E8B00F 7 Bytes JMP D1878F52 \??\C:\Windows\system32\drivers\pci0htwl.sys
    .text      C:\Windows\system32\DRIVERS\atikmdag.sys                                             section is writeable [0xD7606000, 0x2CB104, 0xE8000020]
    .text      peauth.sys                                                            E0C9FC9D 28 Bytes [8F, 82, 8A, 1D, 31, 60, 2E, ...]
    .text      peauth.sys                                                            E0C9FCC1 28 Bytes [8F, 82, 8A, 1D, 31, 60, 2E, ...]
    PAGE      peauth.sys                                                            E0CA5B9B 72 Bytes [A0, A4, BE, D1, 57, 9A, C5, ...]
    PAGE      peauth.sys                                                            E0CA5BEC 111 Bytes [2E, AB, 1A, 6D, DB, 91, D0, ...]
    PAGE      peauth.sys                                                            E0CA5E20 101 Bytes [64, 50, DB, 40, 20, A7, 67, ...]
    PAGE      ...                                                                
    
    ---- User IAT/EAT - GMER 1.0.15 ----
    
    IAT       C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[1584] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress]  [75775E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
    IAT       C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[1584] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]   [75775E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
    IAT       C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[1584] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress]  [75775E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
    IAT       C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[1584] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75775E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
    IAT       C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[1584] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress]  [75775E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
    IAT       C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe[1584] @ C:\Windows\system32\secur32.dll [KERNEL32.dll!GetProcAddress]  [75775E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                          [744F2494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                       [744D5624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                       [744D56E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]
     
  6. Code:
    [744F250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                     [744E8573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                      [744E4D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                      [744E50CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                     [744E51A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP]                 [744E66D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                      [744E82CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                   [744E8819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                  [744E907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                     [744EE21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    IAT       C:\Windows\Explorer.EXE[1656] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                       [744E4C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
    
    ---- Devices - GMER 1.0.15 ----
    
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy1                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy2                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy3                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy4                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy5                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy6                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy7                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    
    Device     \Driver\ACPI_HAL \Device\00000053                                                 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
    
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy8                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy9                                         hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\tdx \Device\Tcp                                                      SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1                                              hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2                                              hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3                                              hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4                                              hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume5                                              fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume5                                              hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
    
    ---- Registry - GMER 1.0.15 ----
    
    Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00025b01123c                            
    Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00025b01123c@001dfe5094a3                     0x33 0xE0 0x19 0x88 ...
    Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00025b01123c@001fcd2f4f85                     0x20 0xE8 0xD0 0x07 ...
    Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00025b01123c (not active ControlSet)                  
    Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00025b01123c@001dfe5094a3                       0x33 0xE0 0x19 0x88 ...
    Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00025b01123c@001fcd2f4f85                       0x20 0xE8 0xD0 0x07 ...
    
    ---- EOF - GMER 1.0.15 ----
     
  7. Logfile 1:

    Code:
    OTL logfile created on: 17.04.2010 13:40:08 - Run 1
    OTL by OldTimer - Version 3.2.1.1   Folder = C:\Users\Jörg\Downloads
     Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 72,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 458,40 Gb Total Space | 412,01 Gb Free Space | 89,88% Space Free | Partition Type: NTFS
    Drive D: | 7,35 Gb Total Space | 7,29 Gb Free Space | 99,10% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
     
    Computer Name: JÖRG´SPC
    Current User Name: Jörg
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal
     
    ========== Processes (SafeList) ==========
     
    PRC - C:\Users\Jörg\Downloads\OTL.exe (OldTimer Tools)
    PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
    PRC - C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
    PRC - C:\Programme\Norton 360\Engine\4.1.0.32\ccsvchst.exe (Symantec Corporation)
    PRC - C:\Programme\IncrediMail\Bin\IncMail.exe (IncrediMail, Ltd.)
    PRC - C:\Programme\IncrediMail\Bin\ImApp.exe (IncrediMail, Ltd.)
    PRC - C:\Windows\System32\atieclxx.exe (AMD)
    PRC - C:\Windows\System32\atiesrxx.exe (AMD)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
    PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
    PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
    PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
    PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
    PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    PRC - C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
     
     
    ========== Modules (SafeList) ==========
     
    MOD - C:\Users\Jörg\Downloads\OTL.exe (OldTimer Tools)
    MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
    MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
    MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
     
     
    ========== Win32 Services (SafeList) ==========
     
    SRV - (TuneUp.Defrag) -- C:\Programme\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
    SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
    SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
    SRV - (N360) -- C:\Program Files\Norton 360\Engine\4.1.0.32\ccSvcHst.exe (Symantec Corporation)
    SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
    SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
    SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
    SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
    SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
    SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
    SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
    SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
    SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
    SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
    SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
    SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
    SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
    SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
    SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
    SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
    SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
    SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
    SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
    SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
    SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
     
     
    [color=#E56717]========== Driver Services (SafeList) ==========[/color]
     
    DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100416.038\NAVEX15.SYS (Symantec Corporation)
    DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\VirusDefs\20100416.038\NAVENG.SYS (Symantec Corporation)
    DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100324.001\BHDrvx86.sys (Symantec Corporation)
    DRV - (eeCtrl) -- C:\Programme\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
    DRV - (EraserUtilRebootDrv) -- C:\Programme\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
    DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
    DRV - (SymIRON) -- C:\Windows\system32\drivers\N360\0401000.020\Ironx86.SYS (Symantec Corporation)
    DRV - (SRTSP) -- C:\Windows\System32\Drivers\N360\0401000.020\SRTSP.SYS (Symantec Corporation)
    DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\N360\0401000.020\SRTSPX.SYS (Symantec Corporation)
    DRV - (ccHP) -- C:\Windows\system32\drivers\N360\0401000.020\ccHPx86.sys (Symantec Corporation)
    DRV - (SymEFA) -- C:\Windows\system32\drivers\N360\0401000.020\SYMEFA.SYS (Symantec Corporation)
    DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
    DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\N360\0401000.020\SYMTDIV.SYS (Symantec Corporation)
    DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100415.001\IDSvix86.sys (Symantec Corporation)
    DRV - (hotcore3) -- C:\Windows\system32\DRIVERS\hotcore3.sys (Paragon Software Group)
    DRV - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
    DRV - (SipIMNDI) -- C:\Windows\System32\drivers\SipIMNDI.sys (T-Systems International GmbH)
    DRV - (SymDS) -- C:\Windows\system32\drivers\N360\0401000.020\SYMDS.SYS (Symantec Corporation)
    DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
    DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
    DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
    DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
    DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
    DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
    DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
    DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
    DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
    DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
    DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
    DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
    DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
    DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
    DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
    DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
    DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
    DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
    DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
    DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
    DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
    DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
    DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
    DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
    DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
    DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
    DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
    DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
    DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
    DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
    DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
    DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
    DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
    DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
    DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
    DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
    DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
    DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
    DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
    DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
    DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
    DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
    DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
    DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
    DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
    DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
    DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
    DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
    DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
    DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
    DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
    DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
    DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
    DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
    DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
    DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
    DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
    DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
    DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
    DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
    DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
    DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
    DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
    DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
    DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
    DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
    DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
    DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
    DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
    DRV - (Point32) -- C:\Windows\System32\drivers\point32k.sys (Microsoft Corporation)
    DRV - (NuidFltr) -- C:\Windows\System32\drivers\nuidfltr.sys (Microsoft Corporation)
    DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
    DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
     
     
    [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
     
     
    [color=#E56717]========== Internet Explorer ==========[/color]
     
     
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.t-online.de/[/url]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [url]http://de.msn.com/?ocid=iehp[/url]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 79 F8 D1 B6 88 CA 01 [binary data]
    IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: ProxyEnable = 0
    Created on: 17.04.10 at 13:45:21

    Rest of part 1:

    Code:
    [color=#E56717]========== FireFox ==========[/color]
     
    FF - prefs.js..browser.search.defaultenginename: MyStart Suche
    FF - prefs.js..browser.search.param.yahoo-fr: chrf-ytbm
    FF - prefs.js..browser.search.param.yahoo-fr-cjkt: chrf-ytbm
    FF - prefs.js..browser.search.param.yahoo-type: ${8}
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: [url]http://www.t-online.de/[/url]
    FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
    FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
    FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.5
    FF - prefs.js..extensions.enabledItems: {269FB356-C69F-7349-D092-AB28AF836D0E}:3.5.004
    FF - prefs.js..extensions.enabledItems: {4a1a0a40-7d27-11dd-ad8b-0800200c9a66}:1.3.1
    FF - prefs.js..extensions.enabledItems: {81514210-E22A-4e69-93D5-E1EFD45B4620}:0.3.10.01.23
    FF - prefs.js..extensions.enabledItems: {e213bb8f-8ebd-11db-96b7-005056c00008}:3.0.0.90
    FF - prefs.js..keyword.URL: [url]http://search.sweetim.com/search.asp?src=2&q=[/url]
    FF - prefs.js..network.proxy.type: 4
    FF - prefs.js..sweetim.toolbar.previous.keyword.URL: [url]http://mystart.incredimail.com/?loc=ff_address_bar_fs_IM2_TEST&search=[/url]
     
     
    FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.01.14 02:22:16 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\IPSFFPlgn\ [2010.03.19 16:42:18 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\coFFPlgn\ [2010.03.19 16:42:18 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.17 13:25:22 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.16 22:46:51 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\SeaMonkey 2.0.2\extensions\\Components: C:\Program Files\SeaMonkey\components [2010.03.26 23:01:32 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\SeaMonkey 2.0.2\extensions\\Plugins: C:\Program Files\SeaMonkey\plugins [2010.04.15 20:37:22 | 000,000,000 | ---D | M]
     
    [2009.12.30 04:39:01 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\mozilla\Extensions
    [2009.12.30 04:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Extensions\{92650c4d-4b8e-4d2a-b7eb-24ecf4f6b63a}
    [2010.04.16 22:20:16 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions
    [2010.03.26 22:52:50 | 000,000,000 | ---D | M] (Strata Aero) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{269FB356-C69F-7349-D092-AB28AF836D0E}
    [2009.12.29 21:06:10 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
    [2010.03.11 17:31:31 | 000,000,000 | ---D | M] (MonoChrome) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{4a1a0a40-7d27-11dd-ad8b-0800200c9a66}
    [2010.03.11 17:29:17 | 000,000,000 | ---D | M] (Past Modern) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{81514210-E22A-4e69-93D5-E1EFD45B4620}
    [2010.03.26 22:31:12 | 000,000,000 | ---D | M] (myFireFox) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}
    [2010.04.15 18:55:57 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2010.03.26 22:48:16 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\chromifox@altmusictv.com
    [2010.03.26 22:52:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{269FB356-C69F-7349-D092-AB28AF836D0E}\mozapps\extensions
    [2010.03.26 22:31:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\6weu7do9.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\extensions
    [2010.04.15 20:30:39 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions
    [2010.04.15 20:20:37 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
    [2010.04.15 20:20:37 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\mozilla\SeaMonkey\Profiles\itaa7dxm.default\extensions\inspector@mozilla.org
    [2010.04.16 22:46:52 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
    [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
    [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
    [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
    [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
    [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
     
    O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\4.1.0.32\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\4.1.0.32\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\4.1.0.32\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\4.1.0.32\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
    O4 - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O9 - Extra Button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
    O9 - Extra->Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab[/url] (Java Plug-in 1.6.0_19)
    O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab[/url] (Java Plug-in 1.6.0_07)
    O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab[/url] (Java Plug-in 1.6.0_18)
    O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab[/url] (Java Plug-in 1.6.0_19)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [url]http://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab[/url] (Java Plug-in 1.6.0_19)
    O16 - DPF: CabBuilder [url]http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab[/url] (Reg Error: Key error.)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- %1 %*
    O35 - HKLM\..exefile [open] -- %1 %*
    O37 - HKLM\...com [@ = comfile] -- %1 %*
    O37 - HKLM\...exe [@ = exefile] -- %1 %*
     
    [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
     
    [2010.04.15 20:21:14 | 000,030,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.04.15 20:21:14 | 000,021,320 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.04.15 19:29:03 | 000,000,000 | ---D | C] -- C:\Programme\JRE
    [2010.04.15 19:02:04 | 000,000,000 | ---D | C] -- C:\Temp
    [2010.04.15 18:48:48 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2010.04.15 18:48:47 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2010.04.15 18:48:46 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
    [2010.04.15 18:03:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2010.04.15 17:44:59 | 000,000,000 | ---D | C] -- C:\$UPGRADE.~OS
    [2010.04.15 17:42:51 | 000,000,000 | ---D | C] -- C:\$WINDOWS.~BT
    [2010.04.15 17:25:39 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
    [2010.04.14 23:28:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Grid Tool
    [2010.04.08 16:01:20 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
    [2010.04.08 16:01:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
    [2010.04.08 16:01:20 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
    [2010.04.08 15:59:33 | 000,000,000 | ---D | C] -- C:\Users\Jörg\OpenOffice.org 3.2 (de) Installation Files
    [2010.04.08 15:59:04 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun
    [2010.04.06 23:57:02 | 000,340,016 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0401000.020\symtdiv.sys
    [2010.04.06 23:57:02 | 000,328,752 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0401000.020\symds.sys
    [2010.04.06 23:57:02 | 000,172,592 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0401000.020\symefa.sys
    [2010.04.06 23:57:02 | 000,043,696 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0401000.020\srtspx.sys
    [2010.04.06 23:57:01 | 000,501,888 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0401000.020\cchpx86.sys
    [2010.04.06 23:57:01 | 000,325,680 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0401000.020\srtsp.sys
    [2010.04.06 23:57:01 | 000,116,784 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0401000.020\ironx86.sys
    [2010.04.06 23:56:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0401000.020
    [2010.04.06 01:16:58 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\gtk-2.0
    [2010.04.06 01:16:55 | 000,000,000 | ---D | C] -- C:\Users\Jörg\.thumbnails
    [2010.04.05 02:03:45 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Local\Apps
    [2010.04.03 12:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2010.04.03 12:44:11 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Local\Programs
    [2010.04.01 21:36:35 | 000,000,000 | ---D | C] -- C:\Users\Jörg\Documents\gegl-0.0
    [2010.04.01 21:36:35 | 000,000,000 | ---D | C] -- C:\Users\Jörg\.gimp-2.6
    [2010.04.01 21:35:59 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0
    [2010.04.01 21:10:29 | 018,234,256 | ---- | C] (                              ) -- C:\Users\Jörg\gimp-2.6.8-i686-setup.exe
    [2010.03.31 16:42:12 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Local\Yahoo
    [2010.03.31 16:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
    [2010.03.31 16:37:41 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\Yahoo!
    [2010.03.31 16:37:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
    [2010.03.31 16:27:57 | 000,000,000 | ---D | C] -- C:\Programme\Yahoo!
    [2010.03.31 14:29:14 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
    [2010.03.31 14:29:14 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
    [2010.03.31 14:29:14 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
    [2010.03.26 22:32:39 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\AntiBrowserSpy 2009
    [2010.03.26 15:47:07 | 000,000,000 | ---D | C] -- C:\Programme\FRANZIS
    [2010.03.26 15:26:29 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Local\Abelssoft
    [2010.03.26 15:26:22 | 000,000,000 | ---D | C] -- C:\Programme\AntiBrowserSpy
    [2010.03.26 15:24:23 | 000,000,000 | ---D | C] -- C:\Users\Jörg\God-Modus.{ED7BA470-8E54-465E-825C-99712043E01C}
    [2010.03.23 19:47:28 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Local\CrashDumps
    [2010.03.22 11:39:53 | 000,532,480 | ---- | C] (ScreenTime Media) -- C:\Windows\System32\briblo.scr
    [2010.03.22 11:39:53 | 000,000,000 | ---D | C] -- C:\Windows\System32\briblo dir
    [2010.03.19 17:29:16 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\Tific
    [2010.03.19 16:42:10 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
    [2010.03.19 16:41:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
    [2010.03.19 16:41:30 | 000,000,000 | ---D | C] -- C:\Programme\Norton 360
    [2010.03.19 03:02:44 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\MessengerGadget
    [2010.03.19 02:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
    [2010.03.19 02:23:34 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
    Created on: 17.04.10 at 13:49:05

    Rest of part 1:

    Code:
    [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
     
    [2010.04.17 13:42:33 | 003,145,728 | ---- | M] () -- C:\Users\Jörg\ntuser.dat
    [2010.04.17 13:16:26 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2010.04.17 13:16:26 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2010.04.17 13:13:28 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
    [2010.04.17 13:13:28 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat
    [2010.04.17 13:13:28 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2010.04.17 13:13:28 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat
    [2010.04.17 13:13:28 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2010.04.17 13:12:15 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2010.04.17 13:09:38 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2010.04.17 13:09:15 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2010.04.17 13:08:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2010.04.17 13:08:47 | 2817,433,600 | -HS- | M] () -- C:\hiberfil.sys
    [2010.04.17 03:00:24 | 009,762,638 | -H-- | M] () -- C:\Users\Jörg\AppData\Local\IconCache.db
    [2010.04.16 22:46:56 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010.04.16 22:29:13 | 000,960,598 | ---- | M] () -- C:\Windows\System32\drivers\N360\0401000.020\Cat.DB
    [2010.04.15 20:37:22 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
    [2010.04.15 20:21:12 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
    [2010.04.15 20:21:12 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
    [2010.04.15 19:52:20 | 000,068,416 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
    [2010.04.15 19:51:22 | 000,302,440 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2010.04.15 19:49:15 | 000,524,288 | -HS- | M] () -- C:\Users\Jörg\ntuser.dat{6970c53d-48a8-11df-b6b4-00025b01123c}.TMContainer00000000000000000002.regtrans-ms
    [2010.04.15 19:49:15 | 000,524,288 | -HS- | M] () -- C:\Users\Jörg\ntuser.dat{6970c53d-48a8-11df-b6b4-00025b01123c}.TMContainer00000000000000000001.regtrans-ms
    [2010.04.15 19:49:15 | 000,065,536 | -HS- | M] () -- C:\Users\Jörg\ntuser.dat{6970c53d-48a8-11df-b6b4-00025b01123c}.TM.blf
    [2010.04.15 19:29:43 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
    [2010.04.15 18:04:53 | 000,008,224 | ---- | M] () -- C:\Users\Jörg\AppData\Local\GDIPFONTCACHEV1.DAT
    [2010.04.15 18:03:42 | 361,342,151 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2010.04.08 11:15:25 | 167,555,440 | ---- | M] () -- C:\Users\Jörg\OOo_3.2.0_Win32Intel_install_wJRE_de.exe
    [2010.04.08 09:46:39 | 001,829,024 | ---- | M] () -- C:\Users\Jörg\Foto031.jpg
    [2010.04.08 09:41:38 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLds.DAT
    [2010.04.08 09:41:30 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLec.DAT
    [2010.04.07 15:36:37 | 000,002,330 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
    [2010.04.06 01:21:24 | 000,001,489 | ---- | M] () -- C:\Users\Jörg\.recently-used.xbel
    [2010.04.05 03:40:10 | 000,524,288 | -HS- | M] () -- C:\Users\Jörg\NTUSER.DAT{1be9cd3e-4040-11df-a2da-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
    [2010.04.05 03:40:10 | 000,524,288 | -HS- | M] () -- C:\Users\Jörg\NTUSER.DAT{1be9cd3e-4040-11df-a2da-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
    [2010.04.05 03:40:10 | 000,065,536 | -HS- | M] () -- C:\Users\Jörg\NTUSER.DAT{1be9cd3e-4040-11df-a2da-806e6f6e6963}.TM.blf
    [2010.04.05 01:18:34 | 003,407,872 | -HS- | M] () -- C:\Users\Jörg\NTUSER.DAT_tureg_old
    [2010.04.01 21:17:15 | 018,234,256 | ---- | M] (                              ) -- C:\Users\Jörg\gimp-2.6.8-i686-setup.exe
    [2010.04.01 15:17:48 | 000,030,536 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
    [2010.04.01 15:11:38 | 000,021,320 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
    [2010.04.01 15:11:26 | 000,030,024 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
    [2010.03.27 03:39:52 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\0401000.020\isolate.ini
    [2010.03.26 22:42:08 | 000,001,045 | ---- | M] () -- C:\Users\Jörg\AntiBrowserSpy.lnk
    [2010.03.25 17:24:34 | 000,008,065 | ---- | M] () -- C:\Users\Jörg\Rechnung59492.htm
    [2010.03.24 02:59:53 | 000,002,593 | ---- | M] () -- C:\Users\Public\Desktop\NetSchafkopf.lnk
    [2010.03.22 11:39:53 | 000,532,480 | ---- | M] (ScreenTime Media) -- C:\Windows\System32\briblo.scr
    [2010.03.19 16:42:01 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
    [2010.03.19 16:42:01 | 000,007,443 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
    [2010.03.19 16:42:01 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
     
    [color=#E56717]========== Files Created - No Company Name ==========[/color]
     
    [2010.04.16 22:46:56 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010.04.15 19:29:43 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
    [2010.04.15 18:03:54 | 000,524,288 | -HS- | C] () -- C:\Users\Jörg\ntuser.dat{6970c53d-48a8-11df-b6b4-00025b01123c}.TMContainer00000000000000000002.regtrans-ms
    [2010.04.15 18:03:53 | 000,524,288 | -HS- | C] () -- C:\Users\Jörg\ntuser.dat{6970c53d-48a8-11df-b6b4-00025b01123c}.TMContainer00000000000000000001.regtrans-ms
    [2010.04.15 18:03:53 | 000,065,536 | -HS- | C] () -- C:\Users\Jörg\ntuser.dat{6970c53d-48a8-11df-b6b4-00025b01123c}.TM.blf
    [2010.04.15 18:03:42 | 361,342,151 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2010.04.08 10:10:16 | 167,555,440 | ---- | C] () -- C:\Users\Jörg\OOo_3.2.0_Win32Intel_install_wJRE_de.exe
    [2010.04.08 09:45:51 | 001,829,024 | ---- | C] () -- C:\Users\Jörg\Foto031.jpg
    [2010.04.07 15:36:10 | 000,960,598 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\Cat.DB
    [2010.04.06 23:57:02 | 000,007,787 | R--- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\symnetv.cat
    [2010.04.06 23:57:02 | 000,007,444 | R--- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\symefa.cat
    [2010.04.06 23:57:02 | 000,007,425 | R--- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\symds.cat
    [2010.04.06 23:57:02 | 000,007,368 | R--- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\symnet.cat
    [2010.04.06 23:57:02 | 000,003,374 | R--- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\symefa.inf
    [2010.04.06 23:57:02 | 000,002,793 | R--- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\symds.inf
    [2010.04.06 23:57:02 | 000,001,473 | R--- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\symnetv.inf
    [2010.04.06 23:57:02 | 000,001,445 | R--- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\symnet.inf
    [2010.04.06 23:57:02 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\srtspx.inf
    [2010.04.06 23:57:01 | 000,007,442 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\srtspx.cat
    [2010.04.06 23:57:01 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\srtsp.cat
    [2010.04.06 23:57:01 | 000,007,438 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\iron.cat
    [2010.04.06 23:57:01 | 000,007,396 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\cchpx86.cat
    [2010.04.06 23:57:01 | 000,001,754 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\cchpx86.inf
    [2010.04.06 23:57:01 | 000,001,382 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\srtsp.inf
    [2010.04.06 23:57:01 | 000,000,741 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\iron.inf
    [2010.04.06 23:56:47 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0401000.020\isolate.ini
    [2010.04.06 01:21:24 | 000,001,489 | ---- | C] () -- C:\Users\Jörg\.recently-used.xbel
    [2010.04.05 01:20:21 | 000,524,288 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT{1be9cd3e-4040-11df-a2da-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
    [2010.04.05 01:20:21 | 000,524,288 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT{1be9cd3e-4040-11df-a2da-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
    [2010.04.05 01:20:21 | 000,065,536 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT{1be9cd3e-4040-11df-a2da-806e6f6e6963}.TM.blf
    [2010.04.05 01:18:27 | 000,000,000 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT_tureg_new.LOG2
    [2010.04.05 01:18:27 | 000,000,000 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT_tureg_new.LOG1
    [2010.03.26 15:26:27 | 000,001,045 | ---- | C] () -- C:\Users\Jörg\AntiBrowserSpy.lnk
    [2010.03.25 17:24:34 | 000,008,065 | ---- | C] () -- C:\Users\Jörg\Rechnung59492.htm
    [2010.03.19 16:41:53 | 000,002,330 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
    [2010.01.25 12:24:16 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLec.DAT
    [2010.01.08 16:54:01 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
    [2010.01.08 16:48:26 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
    [2009.12.30 15:13:30 | 000,001,880 | ---- | C] () -- C:\ProgramData\hpzinstall.log
    [2009.12.30 13:26:28 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Super Strings
    [2009.12.30 13:26:28 | 000,000,268 | RH-- | C] () -- C:\Users\Jörg\AppData\Roaming\Stingers
    [2009.12.30 13:26:28 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLds.DAT
    [2009.12.29 20:24:57 | 003,407,872 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT_tureg_old
    [2009.12.29 20:24:57 | 003,145,728 | ---- | C] () -- C:\Users\Jörg\ntuser.dat
    [2009.12.29 20:24:57 | 000,524,288 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
    [2009.12.29 20:24:57 | 000,524,288 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
    [2009.12.29 20:24:57 | 000,262,144 | -HS- | C] () -- C:\Users\Jörg\ntuser.dat.LOG1
    [2009.12.29 20:24:57 | 000,065,536 | -HS- | C] () -- C:\Users\Jörg\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
    [2009.12.29 20:24:57 | 000,000,020 | -HS- | C] () -- C:\Users\Jörg\ntuser.ini
    [2009.12.29 20:24:57 | 000,000,000 | -HS- | C] () -- C:\Users\Jörg\ntuser.dat.LOG2
    [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
    [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
    [2009.07.14 01:11:59 | 000,589,824 | ---- | C] () -- C:\Windows\System32\jayw2sbf.dll
    [2006.11.02 10:27:46 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.ini
    < End of report >
    
    Created on: 17.04.10 at 13:50:43

    Logfile 2:

    Code:
    OTL Extras logfile created on: 17.04.2010 13:40:08 - Run 1
    OTL by OldTimer - Version 3.2.1.1   Folder = C:\Users\Jörg\Downloads
     Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7600.16385)
    Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
     
    3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 72,00% Memory free
    7,00 Gb Paging File | 6,00 Gb Available in Paging File | 85,00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 458,40 Gb Total Space | 412,01 Gb Free Space | 89,88% Space Free | Partition Type: NTFS
    Drive D: | 7,35 Gb Total Space | 7,29 Gb Free Space | 99,10% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded
     
    Computer Name: JÖRG´SPC
    Current User Name: Jörg
    Logged in as Administrator.
     
    Current Boot Mode: Normal
    Scan Mode: Current user
    Company Name Whitelist: Off
    Skip Microsoft Files: Off
    File Age = 30 Days
    Output = Minimal
     
    [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
     
     
    [color=#E56717]========== File Associations ==========[/color]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
     
    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    [color=#E56717]========== Shell Spawning ==========[/color]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- %1 %*
    cmdfile [open] -- %1 %*
    comfile [open] -- %1 %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe %1,%* (Microsoft Corporation)
    exefile [open] -- %1 %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML %1
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe %1 (Microsoft Corporation)
    piffile [open] -- %1 %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- %1
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
    scrfile [open] -- %1 /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd %V (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
     
    [color=#E56717]========== Security Center Settings ==========[/color]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    cval = 1
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    VistaSp1 = Reg Error: Unknown registry data type -- File not found
    AntiVirusOverride = 0
    AntiSpywareOverride = 0
    FirewallOverride = 0
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    DisableNotifications = 0
    EnableFirewall = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    DisableNotifications = 0
    EnableFirewall = 0
     
    [color=#E56717]========== Authorized Applications List ==========[/color]
     
     
    [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    {00C0C196-54AC-8BC5-5F16-87C4A38D13B8} = Catalyst Control Center Localization All
    {02EBDBB9-4600-41D3-B566-40CB861511D2} = World of Warcraft FREE Trial
    {05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A} = Opera 10.51
    {06A1D88C-E102-4527-AF70-29FFD7AF215A} = Scan
    {0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC} = Status
    {104066F4-5897-4067-85D3-4C88B67CCF75} = AIO_Scan
    {1063B812-E31C-833F-F5F0-46D9D06B5336} = Catalyst Control Center Graphics Light
    {13DFC4CE-9089-4907-E042-71DCD6727DBA} = ccc-utility
    {1451DE6B-ABE1-4F62-BE9A-B363A17588A2} = QuickTime
    {175F0111-2968-4935-8F70-33108C6A4DE3} = MarketResearch
    {192A107E-C6B9-41B9-BDBF-38E3AA226054} = OpenOffice.org 3.2
    {1EC71BFB-01A3-4239-B6AF-B1AE656B15C0} = TrayApp
    {1EE8648A-1141-BF6F-B002-1F279859606B} = CCC Help Portuguese
    {1EFE2B13-7C03-E454-00F5-5FF8CFC86343} = CCC Help Hungarian
    {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    {205C6BDD-7B73-42DE-8505-9A093F35A238} = Windows Live-Uploadtool
    {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} = MSVCRT
    {25C55EBA-401C-F7B8-E932-F7A5D53EADEE} = Catalyst Control Center Graphics Previews Vista
    {26442B73-03B2-44E5-ACBC-8C6625B89481} = CCC Help French
    {26A24AE4-039D-4CA4-87B4-2F83216016FF} = Java(TM) 6 Update 19
    {26A24AE4-039D-4CA4-87B4-2F83216018F0} = Java(TM) 6 Update 18
    {2E2660AC-6195-C603-A6BD-5FC039891FFF} = ccc-core-static
    {2EAF7E61-068E-11DF-953C-005056806466} = Google Earth
    {2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C} = BufferChm
    {2FF8C687-DB7D-4adc-A5DC-57983EC25046} = DeviceDiscovery
    {30E0C424-E68A-FB77-6E45-42EC039264F4} = CCC Help Greek
    {31CF6C0E-51F0-41D2-B088-A6A143C4303C} = SweetIM Toolbar for Internet Explorer 3.6
    {3248F0A8-6813-11D6-A77B-00B0D0160070} = Java(TM) 6 Update 7
    {39F387E3-19E1-48CC-9D74-EFF82771A452} = NetSchafkopf
    {3C92B2E6-380D-4fef-B4DF-4A3B4B669771} = Copy
    {3DA169A5-3DBC-BBCA-4366-0B8678D5B765} = Catalyst Control Center Graphics Previews Common
    {3FA365DF-2D68-45ED-8F83-8C8A33E65143} = Apple Application Support
    {41E654A9-26D0-4EAC-854B-0FA824FFFABB} = Windows Live Messenger
    {4220E7CF-9ED6-132C-1964-FE00A5FA00C5} = ATI Catalyst Install Manager
    {43CDF946-F5D9-4292-B006-BA0D92013021} = WebReg
    {440B915A-0C85-45DB-92AE-75AE14704A64} = Fax
    {4944DAC1-2923-4D8E-908A-D08E2998ADBE} = Trust Webcam Live 
    {49E56237-4F46-5E38-FA6E-5A6651C355C7} = CCC Help English
    {4A03706F-666A-4037-7777-5F2748764D10} = Java Auto Updater
    {4A70EF07-7F88-4434-BB61-D1DE8AE93DD4} = SolutionCenter
    {4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35} = UnloadSupport
    {52B97218-98CB-4B8B-9283-D213C85E1AA4} = Windows Live Anmelde-Assistent
    {5EE7D259-D137-4438-9A5F-42F432EC0421} = VC80CRTRedist - 8.0.50727.4053
    {5FC68772-6D56-41C6-9DF1-24E868198AE6} = Windows Live Call
    {60DE4033-9503-48D1-A483-7846BD217CA9} = ICQ6.5
    {63FF21C9-A810-464F-B60A-3111747B1A6D} = GPBaseService2
    {675D173B-F754-9B62-A847-A78117B3FCEA} = CCC Help Italian
    {681B698F-C997-42C3-B184-B489C6CA24C9} = HPPhotoSmartDiscLabelContent1
    {6956856F-B6B3-4BE0-BA0B-8F495BE32033} = Apple Software Update
    {6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91} = HPSSupply
    {6BBA26E9-AB03-4FE7-831A-3535584CA002} = Toolbox
    {6CF47FD1-3CF8-4206-BA24-A2B1E43D8CCA} = IncrediMail
    {6E5BC38E-F22B-4197-00A2-CD8E58EF139D} = FUSSBALL MANAGER 2005
    {7059BDA7-E1DB-442C-B7A1-6144596720A4} = HP Update
    {716E0306-8318-4364-8B8F-0CC4E9376BAC} = MSXML 4.0 SP2 Parser and SDK
    {75247E38-5C9B-45D6-ADF8-E11CB56B4990} = Network
    {770657D0-A123-3C07-8E44-1C83EC895118} = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    {77791725-5D50-C0DE-059A-5C4B5EE8A212} = Catalyst Control Center Graphics Full Existing
    {7B63B2922B174135AFC0E1377DD81EC2} = DivX Codec
    {7DEDD94B-32EB-D72C-CDAE-6BBA3E31276D} = Catalyst Control Center Graphics Full New
    {7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22} = TuneUp Utilities Language Pack (de-DE)
    {837b34e3-7c30-493c-8f6a-2b0f04e2912c} = Microsoft Visual C++ 2005 Redistributable
    {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} = Microsoft Silverlight
    {8ADFC4160D694100B5B8A22DE9DCABD9} = DivX Player
    {8D7133DE-27D2-47E5-B248-4180278D32AA} = Catalyst Control Center - Branding
    {8FF6F5CA-4E30-4E3B-B951-204CAAA2716A} = SmartWebPrinting
    {92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D} = 32 Bit HP CIO Components Installer
    {94A065E8-455D-41C1-AF1F-F0C1AF8F50F3} = Microsoft IntelliType Pro 7.0
    {95120000-00B9-0409-0000-0000000FF1CE} = Microsoft Application Error Reporting
    {986A654F-F1E4-11DD-9FCA-005056C00008} = Paragon Partition Manager™ 10.0 Personal
    {98E8A2EF-4EAE-43B8-A172-74842B764777} = InterVideo WinDVD 4
    {9B362566-EC1B-4700-BB9C-EC661BDE2175} = DocProc
    {9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB} = AIO_CDB_Software
    {A01AC54A-5BB8-FE08-1854-5427457FCBCB} = CCC Help Spanish
    {A5F68DC8-0278-4AD8-B413-861509B5F25B} = ArcSoft Panorama Maker 3
    {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} = Google Update Helper
    {AADD9821-3290-1B1F-D164-1F6D20601FAF} = Catalyst Control Center HydraVision Full
    {AC76BA86-7AD7-1031-7B44-A93000000001} = Adobe Reader 9.3.2 - Deutsch
    {AD646716-2554-666F-6F72-A5D5B96CF046} = CCC Help German
    {B13A7C41581B411290FBC0395694E2A9} = DivX Converter
    {B61ED343-0B14-4241-999C-490CB1A20DA4} = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
    {BD7204BA-DD64-499E-9B55-6A282CDF4FA4} = Destinations
    {BE1B109A-F0D0-2406-AFDB-FEBF9C4E0D9A} = CCC Help Polish
    {BEE64C14-BEF1-4610-8A68-A16EAA47B882} = Futuremark SystemInfo
    {C43326F5-F135-4551-8270-7F7ABA0462E1} = HPProductAssistant
    {C679F9B9-C65D-4C65-BD6C-BF90B859E281} = Trust WB-1300N Webcam Live
    {CAE4213F-F797-439D-BD9E-79B71D115BE3} = HPPhotoGadget
    {CD95F661-A5C4-44F5-A6AA-ECDD91C240BB} = WinZip 14.0
    {D2FCC1AE-6311-47C5-8130-C6C66D77DD71} = Nikon Message Center
    {D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} = TuneUp Utilities
    {D79113E7-274C-470B-BD46-01B10219DF6A} = HPPhotosmartEssential
    {D7A5E624-2D7D-57FE-34C7-1076A29B3C65} = Catalyst Control Center InstallProxy
    {DF6F459C-8B89-4F88-B63F-A2E136BB6B79} = SweetIM for Messenger 2.8
    {E31B2CB2-1CE3-EEC9-4FC7-48145D6AD674} = Catalyst Control Center Core Implementation
    {E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942} = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    {E60B8506-DDC7-433d-AF9E-999D0F543C4A} = 2570_Help
    {E7112940-5F8E-4918-B9FE-251F2F8DC81F} = AIO_CDB_ProductContext
    {EA7FE7AB-34AE-4e14-84C5-187E6EC0AB9B} = 2570
    {ED00D08A-3C5F-488D-93A0-A04F21F23956} = Windows Live Communications Platform
    {EE93929B-2923-445B-BCA7-BC57D1A4D708} = NetSchafkopf
    {EF71A531-5B6C-4B20-8D1E-E6379C7FB6D3} = Microsoft IntelliPoint 7.0
    {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} = Microsoft Choice Guard
    {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} = Realtek High Definition Audio Driver
    {F66D5732-C2A6-4f88-B8FE-AEDA10355FBD} = 2570Trb
    {F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1 = AntiBrowserSpy
    {F8FF18EE-264A-43FD-B2F6-5EAD40798C2F} = Windows Live Essentials
    {FF3999BE-1A7B-4738-88AA-97BF14094A4A} = PictureProject
    {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Adobe Flash Player ActiveX = Adobe Flash Player 10 ActiveX
    Adobe Flash Player Plugin = Adobe Flash Player 10 Plugin
    Adobe Shockwave Player = Adobe Shockwave Player 11.5
    Ashampoo Burning Studio 6 FREE_is1 = Ashampoo Burning Studio 6 FREE
    briblo = briblo Screen Saver
    Das Quiz mit Jörg Pilawa = Das Quiz mit Jörg Pilawa
    Franzis Fahrschule_is1 = Franzis Fahrschule
    Free Billiards 2008_is1 = Free Billiards 2008
    GTR 2_is1 = GTR 2
    HP Imaging Device Functions = HP Imaging Device Functions 13.0
    HP Photosmart Essential = HP Photosmart Essential 3.5
    HP Smart Web Printing = HP Smart Web Printing 4.60
    HP Solution Center & Imaging Support Tools = HP Solution Center 13.0
    HPExtendedCapabilities = HP Customer Participation Program 13.0
    HPOCR = OCR Software by I.R.I.S. 13.0
    IncrediMail = IncrediMail 2.0
    InstallShield_{4944DAC1-2923-4D8E-908A-D08E2998ADBE} = Trust Webcam Live 
    Knippel Shareware = Knippel Shareware
    Mozilla Firefox (3.6.3) = Mozilla Firefox (3.6.3)
    N360 = Norton 360
    Nikon FotoShare = Nikon FotoShare
    OpenAL = OpenAL
    POI FINDER (iGO My way 8)_is1 = POI FINDER 3.67 (iGO My way 8)
    QuicktimeAlt_is1 = QuickTime Alternative 2.7.0
    RACE_is1 = RACE
    RealPlayer 12.0 = RealPlayer
    SAMSUNG Mobile Modem = SAMSUNG Mobile Modem Driver Set
    Samsung Mobile phone USB driver Drive = Samsung Mobile phone USB driver Drive Software
    SAMSUNG Mobile USB Modem = SAMSUNG Mobile USB Modem Software
    SAMSUNG Mobile USB Modem 1.0 = SAMSUNG Mobile USB Modem 1.0 Software
    SeaMonkey (2.0.2) = SeaMonkey (2.0.2)
    Shop for HP Supplies = Shop for HP Supplies
    Skat! 2000 = Skat! 2000
    TuneUp Utilities = TuneUp Utilities
    WinGimp-2.0_is1 = GIMP 2.6.8
    WinLiveSuite_Wave3 = Windows Live Essentials
    Yahoo! Companion = Yahoo! Toolbar
    Yahoo! Messenger = Yahoo! Messenger
    Yahoo! Software Update = Yahoo! Software Update
     
    [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    SKIP-BO Castaway Caper(TM) = SKIP-BO Castaway Caper(TM)
     
    [color=#E56717]========== Last 10 Event Log Errors ==========[/color]
     
    Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
     
    < End of report >
     
  8. Everything looks fine. As for Java, you could uninstall all the old versions and install the newest one, 20.

    Still getting messages like that? Try clearing the cache in every browser, along with the history and cookies.
     