
Log analysis and evaluation: PC now only creates shortcuts to folders on USB, memory cards


 
20.11.2011, 17:41   #1
Tacko89
 



Hello! My PC now only creates shortcuts to the folders that are on the USB stick or on my camera's memory card. I tried to open a JPEG file on Facebook and apparently caught something in the process. I URGENTLY need help, since I am abroad and can no longer transfer any photos. Is it possible that the virus is also on the university computer?

I did everything as described here and got the following results:

OTL:

OTL logfile created on: 20.11.2011 16:55:33 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Steffie\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 43,47% Memory free
6,19 Gb Paging File | 4,77 Gb Available in Paging File | 77,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 42,12 Gb Free Space | 36,18% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 89,26 Gb Free Space | 83,67% Space Free | Partition Type: NTFS

Computer Name: STEFFIE-PC | User Name: Steffie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.20 16:42:55 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steffie\Downloads\OTL.exe
PRC - [2011.11.11 12:59:34 | 001,212,224 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2011.11.11 12:59:30 | 001,510,720 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.23 20:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe
PRC - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.11.03 19:11:24 | 002,388,264 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2010.05.20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010.04.05 13:50:00 | 000,494,920 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008.01.16 01:27:10 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2007.12.12 00:13:22 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007.12.04 18:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.11.29 01:39:36 | 000,229,376 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\Hcontrol.exe
PRC - [2007.11.05 03:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.31 05:35:57 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.10.18 03:04:00 | 007,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe
PRC - [2007.09.01 01:38:12 | 000,180,224 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2007.08.15 19:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.07.06 00:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.05.14 23:22:22 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
PRC - [2007.02.19 18:02:29 | 002,918,008 | ---- | M] (Symantec Corporation) -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
PRC - [2007.02.19 18:02:29 | 000,554,616 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
PRC - [2006.12.28 14:05:14 | 000,196,608 | ---- | M] () -- C:\Program Files\OCZ Technology\Mouse\Amoumain.exe
PRC - [2005.07.06 23:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
PRC - [2005.05.26 16:12:26 | 000,544,768 | ---- | M] (Motorola Inc.) -- C:\Windows\sm56hlpr.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.21 10:07:12 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011.10.21 10:06:37 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011.10.21 10:06:17 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011.10.21 10:03:47 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011.10.21 10:02:49 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010.11.03 16:52:20 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2010.11.03 16:52:00 | 001,241,376 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.11.03 16:52:00 | 000,324,896 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libtidy.dll
MOD - [2009.07.18 04:21:00 | 003,883,424 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2008.11.13 10:38:06 | 008,007,680 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2008.11.13 10:38:04 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.SHDocVw\1.1.0.0__4b827ebe229d539f\Interop.SHDocVw.dll
MOD - [2008.11.13 10:38:03 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\GAC_32\Asz.Citavi.IEPicker\1.0.0.0__f59eabe05cc67589\Asz.Citavi.IEPicker.dll
MOD - [2007.11.30 19:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.10.18 03:04:00 | 007,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
MOD - [2007.08.14 21:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007.08.08 10:52:08 | 000,331,776 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\AdsmendecExt.dll
MOD - [2007.07.12 21:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 21:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
MOD - [2007.05.14 23:22:22 | 000,035,328 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
MOD - [2007.05.11 00:50:00 | 000,017,024 | ---- | M] () -- C:\Program Files\Adobe\Reader 8.0\Reader\viewerps.dll
MOD - [2006.12.28 14:05:14 | 000,196,608 | ---- | M] () -- C:\Program Files\OCZ Technology\Mouse\Amoumain.exe
MOD - [2005.05.26 16:12:26 | 000,065,536 | ---- | M] () -- C:\Windows\sm56spn.dll
MOD - [2005.05.26 16:12:26 | 000,065,536 | ---- | M] () -- C:\Windows\sm56itl.dll
MOD - [2005.05.26 16:12:26 | 000,065,536 | ---- | M] () -- C:\Windows\sm56ger.dll
MOD - [2005.05.26 16:12:26 | 000,065,536 | ---- | M] () -- C:\Windows\sm56fra.dll
MOD - [2005.05.26 16:12:26 | 000,065,536 | ---- | M] () -- C:\Windows\sm56eng.dll
MOD - [2005.05.26 16:12:26 | 000,065,536 | ---- | M] () -- C:\Windows\sm56brz.dll
MOD - [2005.05.26 16:12:26 | 000,049,152 | ---- | M] () -- C:\Windows\sm56jpn.dll
MOD - [2005.05.26 16:12:26 | 000,045,056 | ---- | M] () -- C:\Windows\sm56cht.dll
MOD - [2005.05.26 16:12:26 | 000,045,056 | ---- | M] () -- C:\Windows\sm56chs.dll


========== Win32 Services (SafeList) ==========

SRV - [2011.11.11 12:59:30 | 001,510,720 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.04.17 01:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe -- (NAV)
SRV - [2011.04.01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.05.20 14:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.10.03 05:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 20:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.05.18 10:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.02.19 18:02:29 | 002,918,008 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE -- (LiveUpdate)
SRV - [2007.02.19 18:02:29 | 000,554,616 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)


========== Driver Services (SafeList) ==========

DRV - [2011.11.18 10:10:32 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011.11.17 21:53:36 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20111119.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2011.11.17 21:53:36 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011.11.17 21:53:36 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.11.17 21:53:36 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20111119.016\NAVENG.SYS -- (NAVENG)
DRV - [2011.11.17 16:04:32 | 000,368,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20111118.030\IDSvix86.sys -- (IDSVix86)
DRV - [2011.11.14 19:31:30 | 000,819,320 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20111114.002\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011.11.08 21:25:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.03.31 04:00:09 | 000,516,216 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\Drivers\NAV\1206000.01D\SRTSP.SYS -- (SRTSP)
DRV - [2011.03.31 04:00:09 | 000,050,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1206000.01D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011.03.22 01:39:49 | 000,331,384 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NAV\1206000.01D\SYMTDIV.SYS -- (SYMTDIv)
DRV - [2011.03.15 03:31:23 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NAV\1206000.01D\SYMEFA.SYS -- (SymEFA)
DRV - [2011.01.27 07:47:10 | 000,340,088 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\NAV\1206000.01D\SYMDS.SYS -- (SymDS)
DRV - [2011.01.27 06:07:05 | 000,136,312 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NAV\1206000.01D\Ironx86.SYS -- (SymIRON)
DRV - [2010.05.20 14:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009.01.13 08:45:00 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007.08.11 04:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007.08.09 04:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.08.03 05:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.30 18:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.07.13 09:18:19 | 000,050,688 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007.01.24 19:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2006.12.14 01:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005.05.26 16:19:18 | 000,839,724 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2005.03.11 15:17:34 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://google.icq.com/search/search_frame.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lokalisten.de/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=1586&gct=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFFPlgn\ [2011.11.20 15:24:28 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQ Toolbar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ICQ Toolbar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SMSERIAL] C:\Windows\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [WheelMouse] C:\Program Files\OCZ Technology\Mouse\Amoumain.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: &Citavi Picker... - C:\Program Files\Internet Explorer\PLUGINS\Citavi Picker\ShowContextMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Steffie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Steffie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63D97EB8-E45E-49B2-81FE-9683962EC024}: DhcpNameServer = 10.64.255.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFBFF7B2-FAD5-4108-A6F3-186B35B87588}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Steffie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Steffie\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{822bb456-d2f9-11df-bc5f-002215895bf8}\Shell\AutoRun\command - "" = F:\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.11.20 14:00:55 | 000,000,000 | ---D | C] -- C:\Users\Steffie\AppData\Roaming\Malwarebytes
[2011.11.20 14:00:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.20 14:00:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.20 14:00:35 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.11.20 14:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.20 13:33:17 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.11.20 13:33:15 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011.11.20 13:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2011.11.20 13:32:11 | 000,000,000 | ---D | C] -- C:\Users\Steffie\AppData\Roaming\TuneUp Software
[2011.11.20 13:30:31 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2011.11.20 13:28:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.11.20 13:28:46 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011.11.18 10:10:31 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1206000.01D\symtdiv.sys
[2011.11.18 10:10:31 | 000,296,568 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1206000.01D\symnets.sys
[2011.11.18 10:10:30 | 000,744,568 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1206000.01D\symefa.sys
[2011.11.18 10:10:30 | 000,516,216 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1206000.01D\srtsp.sys
[2011.11.18 10:10:30 | 000,340,088 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1206000.01D\symds.sys
[2011.11.18 10:10:30 | 000,050,168 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1206000.01D\srtspx.sys
[2011.11.18 10:10:29 | 000,136,312 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\NAV\1206000.01D\ironx86.sys
[2011.11.18 10:09:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NAV\1206000.01D
[2011.11.17 21:28:35 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011.11.17 21:25:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NAV
[2011.11.17 21:25:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
[2011.11.17 21:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\Norton AntiVirus
[2011.10.28 12:06:06 | 000,000,000 | ---D | C] -- C:\Users\Steffie\{517fbef0-afaa-458b-9049-5228477d34c9}
[2011.10.25 20:13:48 | 000,000,000 | ---D | C] -- C:\Users\Steffie\Desktop\Fotos Bordeaux - Kopie
[2007.01.24 19:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys

========== Files - Modified Within 30 Days ==========

[2011.11.20 16:52:18 | 000,000,000 | ---- | M] () -- C:\Users\Steffie\defogger_reenable
[2011.11.20 15:24:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.20 15:24:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.20 15:24:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.20 15:24:05 | 3212,042,240 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.20 14:00:41 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.20 13:33:01 | 000,001,876 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.11.20 13:33:01 | 000,001,872 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011.11.20 13:08:37 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011.11.19 11:54:48 | 000,635,844 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.11.19 11:54:48 | 000,602,226 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.19 11:54:48 | 000,130,234 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.11.19 11:54:48 | 000,107,106 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.18 11:15:59 | 000,002,132 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011.11.18 11:15:00 | 002,429,542 | ---- | M] () -- C:\Windows\System32\drivers\NAV\1206000.01D\Cat.DB
[2011.11.18 10:10:32 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2011.11.18 10:10:32 | 000,007,468 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011.11.18 10:10:32 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011.11.18 09:56:30 | 000,071,618 | ---- | M] () -- C:\Users\Steffie\Desktop\Sans titre 1.jpg
[2011.11.11 12:59:36 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011.11.11 12:59:24 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll

========== Files Created - No Company Name ==========

[2011.11.20 16:52:18 | 000,000,000 | ---- | C] () -- C:\Users\Steffie\defogger_reenable
[2011.11.20 14:00:41 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.20 13:33:01 | 000,001,876 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2011.11.20 13:33:00 | 000,001,872 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011.11.20 13:32:44 | 000,001,884 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2011.11.18 11:13:43 | 002,429,542 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\Cat.DB
[2011.11.18 10:10:31 | 000,007,877 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\symnetv.cat
[2011.11.18 10:10:31 | 000,001,474 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\symnetv.inf
[2011.11.18 10:10:30 | 000,007,458 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\symnet.cat
[2011.11.18 10:10:30 | 000,007,456 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\symefa.cat
[2011.11.18 10:10:30 | 000,007,454 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\srtspx.cat
[2011.11.18 10:10:30 | 000,007,450 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\srtsp.cat
[2011.11.18 10:10:30 | 000,003,373 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\symefa.inf
[2011.11.18 10:10:30 | 000,002,792 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\symds.inf
[2011.11.18 10:10:30 | 000,001,446 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\symnet.inf
[2011.11.18 10:10:30 | 000,001,389 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\srtspx.inf
[2011.11.18 10:10:30 | 000,001,383 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\srtsp.inf
[2011.11.18 10:10:29 | 000,007,528 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\iron.cat
[2011.11.18 10:10:29 | 000,000,742 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\iron.inf
[2011.11.18 10:10:00 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\symds.cat
[2011.11.18 10:09:57 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NAV\1206000.01D\isolate.ini
[2011.11.18 09:57:49 | 000,071,618 | ---- | C] () -- C:\Users\Steffie\Desktop\Sans titre 1.jpg
[2011.11.17 21:28:35 | 000,007,468 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2011.11.17 21:28:35 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2011.11.17 21:28:13 | 000,002,132 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2011.11.08 19:49:42 | 000,098,730 | ---- | C] () -- C:\Users\Steffie\Desktop\KNORR Stefanie.pdf
[2011.04.28 17:40:04 | 000,000,680 | ---- | C] () -- C:\Users\Steffie\AppData\Local\d3d9caps.dat
[2011.04.05 15:13:32 | 000,123,244 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.10.27 17:22:17 | 000,001,940 | ---- | C] () -- C:\Users\Steffie\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2009.07.31 08:33:35 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.07.31 08:33:35 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008.09.12 09:19:32 | 000,034,304 | ---- | C] () -- C:\Users\Steffie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.07 11:20:27 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2008.09.01 14:27:01 | 000,000,582 | ---- | C] () -- C:\Windows\eReg.dat
[2008.08.29 13:00:29 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.08.29 12:07:44 | 000,831,342 | ---- | C] () -- C:\ProgramData\LuUninstall.LiveUpdate
[2008.08.08 13:56:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2008.04.16 12:11:34 | 000,635,844 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 12:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 12:11:34 | 000,130,234 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 12:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 11:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008.02.11 04:55:17 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2008.02.11 04:34:47 | 002,215,364 | ---- | C] () -- C:\Windows\System32\igklg400.bin
[2008.02.11 04:34:47 | 001,971,732 | ---- | C] () -- C:\Windows\System32\igklg450.bin
[2008.02.11 04:34:47 | 000,029,932 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.bin
[2007.08.06 18:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe
[2006.12.28 04:59:48 | 000,032,768 | ---- | C] () -- C:\Windows\System32\Amhooker.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,373,624 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,602,226 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,107,106 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 02:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.05.26 16:12:26 | 000,065,536 | ---- | C] () -- C:\Windows\sm56spn.dll
[2005.05.26 16:12:26 | 000,065,536 | ---- | C] () -- C:\Windows\sm56itl.dll
[2005.05.26 16:12:26 | 000,065,536 | ---- | C] () -- C:\Windows\sm56ger.dll
[2005.05.26 16:12:26 | 000,065,536 | ---- | C] () -- C:\Windows\sm56fra.dll
[2005.05.26 16:12:26 | 000,065,536 | ---- | C] () -- C:\Windows\sm56eng.dll
[2005.05.26 16:12:26 | 000,065,536 | ---- | C] () -- C:\Windows\sm56brz.dll
[2005.05.26 16:12:26 | 000,049,152 | ---- | C] () -- C:\Windows\sm56jpn.dll
[2005.05.26 16:12:26 | 000,045,056 | ---- | C] () -- C:\Windows\sm56cht.dll
[2005.05.26 16:12:26 | 000,045,056 | ---- | C] () -- C:\Windows\sm56chs.dll

========== LOP Check ==========

[2008.11.13 10:38:47 | 000,000,000 | ---D | M] -- C:\Users\Steffie\AppData\Roaming\Academic Software Zurich
[2011.08.25 22:45:40 | 000,000,000 | ---D | M] -- C:\Users\Steffie\AppData\Roaming\DVDVideoSoft
[2011.07.16 17:13:52 | 000,000,000 | ---D | M] -- C:\Users\Steffie\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.11 17:41:58 | 000,000,000 | ---D | M] -- C:\Users\Steffie\AppData\Roaming\gtk-2.0
[2008.08.29 14:33:19 | 000,000,000 | ---D | M] -- C:\Users\Steffie\AppData\Roaming\ICQ
[2008.08.29 12:57:46 | 000,000,000 | ---D | M] -- C:\Users\Steffie\AppData\Roaming\ICQ Toolbar
[2011.11.20 13:32:11 | 000,000,000 | ---D | M] -- C:\Users\Steffie\AppData\Roaming\TuneUp Software
[2011.11.20 15:23:17 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< defogger_enable by jpshortstuff (23.02.10.1) >

< Log created at 16:52 on 20/11/2011 (Steffie) >
Invalid Switch: 2011 (Steffie)


< >

< Parsing file... >

< >

< >

< -=E.O.F=- >

< End of report >

Extras:

OTL Extras logfile created on: 20.11.2011 16:55:33 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Steffie\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,99 Gb Total Physical Memory | 1,30 Gb Available Physical Memory | 43,47% Memory free
6,19 Gb Paging File | 4,77 Gb Available in Paging File | 77,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 116,44 Gb Total Space | 42,12 Gb Free Space | 36,18% Space Free | Partition Type: NTFS
Drive D: | 106,68 Gb Total Space | 89,26 Gb Free Space | 83,67% Space Free | Partition Type: NTFS

Computer Name: STEFFIE-PC | User Name: Steffie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15B8D2A7-D1D3-4BDC-A9DD-77E1E9E978D2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{3CB9162A-9775-4CCB-9235-AC434A0EA6F7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{96780290-A12F-4ADF-AAE0-7C3ABA95ADED}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2FF67663-2B27-4BBA-A3C7-239211EF0C22}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{3C14F194-1B74-49EF-855D-5F847C0ED44F}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{47802E92-0017-41F6-AE63-B3A7D8E8E2A8}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{530423ED-204D-49B8-A408-B1B077D3C1C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FE08EED-63AF-4A7B-9408-4E6EB73458D2}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{7BB748AD-71F1-416B-80FB-AFE9DFD43BF9}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{AB339288-C706-4C33-BAC5-F719DD1ED766}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{AD65B45E-1CB1-4E80-BA79-15F882496CE1}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{B65BBCA9-3F47-4422-86A1-E35E8DE2C9C9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CADD8B70-C9AF-4452-8D7C-AE210B313F47}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DC3A2331-846E-40CF-AE4C-52650AC6044C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{E5B9BE2D-16A7-44F6-960B-B4F8E9B7C144}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{EB923B44-E44F-4E39-87BF-E0A4DE961810}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{F215C3F8-9BA0-48CC-BEF2-ED3F404F86AA}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C037D08B-4883-491D-9329-DC5ACA90F797}" = Sony Ericsson PC Suite
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Citavi" = Citavi 2.4.7
"conduitEngine" = Conduit Engine
"das Gesamtinformationspaket von MPU - Restalkohol" = das Gesamtinformationspaket von MPU - Restalkohol
"DoulosSIL" = DoulosSIL 4.106
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.6.715
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.8.815
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NAV" = Norton AntiVirus
"PROHYBRIDR" = 2007 Microsoft Office system
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"SMSERIAL" = Motorola SM56 Data Fax Modem
"softonic-de3 Toolbar" = softonic-de3 Toolbar
"Spotlight Games" = Spotlight Games (ital)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VideoLAN VLC media player 0.8.6
"WheelMouse" = OCZ Technology Laser Gaming Mouse
"Winamp" = Winamp (remove only)
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.01.2010 13:21:00 | Computer Name = Steffie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung EPMWOR~1.EXE, Version 1.2.0.1093, Zeitstempel
0x422445a2, fehlerhaftes Modul db_objects.dll, Version 1.0.0.1116, Zeitstempel
0x42244455, Ausnahmecode 0xc0000005, Fehleroffset 0x00004f5c, Prozess-ID 0x47c, Anwendungsstartzeit
01caa03e41ce3a91.

Error - 28.01.2010 13:21:45 | Computer Name = Steffie-PC | Source = WinMgmt | ID = 10
Description =

Error - 29.01.2010 12:51:47 | Computer Name = Steffie-PC | Source = WinMgmt | ID = 10
Description =

Error - 30.01.2010 04:37:00 | Computer Name = Steffie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung EPMWOR~1.EXE, Version 1.2.0.1093, Zeitstempel
0x422445a2, fehlerhaftes Modul db_objects.dll, Version 1.0.0.1116, Zeitstempel
0x42244455, Ausnahmecode 0xc0000005, Fehleroffset 0x00004f5c, Prozess-ID 0x53c, Anwendungsstartzeit
01caa18763a7b083.

Error - 30.01.2010 04:38:01 | Computer Name = Steffie-PC | Source = WinMgmt | ID = 10
Description =

Error - 31.01.2010 09:31:51 | Computer Name = Steffie-PC | Source = WinMgmt | ID = 10
Description =

Error - 31.01.2010 09:34:10 | Computer Name = Steffie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung winamp.exe, Version 5.3.5.1305, Zeitstempel
0x4648e17d, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000,
Ausnahmecode 0xc0000005, Fehleroffset 0x002241c0, Prozess-ID 0x2b8, Anwendungsstartzeit
01caa279bdd544b6.

Error - 01.02.2010 13:11:09 | Computer Name = Steffie-PC | Source = WinMgmt | ID = 10
Description =

Error - 02.02.2010 13:07:34 | Computer Name = Steffie-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung EPMWOR~1.EXE, Version 1.2.0.1093, Zeitstempel
0x422445a2, fehlerhaftes Modul db_objects.dll, Version 1.0.0.1116, Zeitstempel
0x42244455, Ausnahmecode 0xc0000005, Fehleroffset 0x00004f5c, Prozess-ID 0xe20, Anwendungsstartzeit
01caa42a3430ad13.

Error - 02.02.2010 13:08:49 | Computer Name = Steffie-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 15.11.2011 22:02:48 | Computer Name = Steffie-PC | Source = DCOM | ID = 10010
Description =

Error - 17.11.2011 16:05:12 | Computer Name = Steffie-PC | Source = Service Control Manager | ID = 7043
Description =

Error - 17.11.2011 16:12:09 | Computer Name = Steffie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 17.11.2011 16:19:55 | Computer Name = Steffie-PC | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_SYMEVENT\0000" wurde ohne vorbereitende Maßnahmen
vom System entfernt.

Error - 17.11.2011 16:30:22 | Computer Name = Steffie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 18.11.2011 04:51:33 | Computer Name = Steffie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 18.11.2011 06:17:28 | Computer Name = Steffie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 19.11.2011 06:30:32 | Computer Name = Steffie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 20.11.2011 08:10:55 | Computer Name = Steffie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 20.11.2011 10:25:35 | Computer Name = Steffie-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =


< End of report >

Gmer:


GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-11-20 17:32:31
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 Hitachi_ rev.BBFO
Running: jiz749g3.exe; Driver: C:\Users\Steffie\AppData\Local\Temp\ugrirfob.sys


---- System - GMER 1.0.15 ----

SSDT 87DF50B8 ZwAlertResumeThread
SSDT 87DF5198 ZwAlertThread
SSDT 87DF5AA8 ZwAllocateVirtualMemory
SSDT 87BD2AC8 ZwAlpcConnectPort
SSDT 87DF6810 ZwAssignProcessToJobObject
SSDT 87DF6E00 ZwCreateMutant
SSDT 87DF7C08 ZwCreateSymbolicLinkObject
SSDT 87DF5FB0 ZwCreateThread
SSDT 87DF68F0 ZwDebugActiveProcess
SSDT 87DF5C78 ZwDuplicateObject
SSDT 87DF58C8 ZwFreeVirtualMemory
SSDT 87DF6EF0 ZwImpersonateAnonymousToken
SSDT 87DF6FD0 ZwImpersonateThread
SSDT 87C56590 ZwLoadDriver
SSDT 87DF57C8 ZwMapViewOfSection
SSDT 87DF6D20 ZwOpenEvent
SSDT 87DF5E58 ZwOpenProcess
SSDT 87DF5B98 ZwOpenProcessToken
SSDT 87DF6B18 ZwOpenSection
SSDT 87DF5D68 ZwOpenThread
SSDT 87DF6720 ZwProtectVirtualMemory
SSDT 87DF5278 ZwResumeThread
SSDT 87DF5518 ZwSetContextThread
SSDT 87DF55F8 ZwSetInformationProcess
SSDT 87DF69D0 ZwSetSystemInformation
SSDT 87DF6BF8 ZwSuspendProcess
SSDT 87DF5358 ZwSuspendThread
SSDT 87DE81A0 ZwTerminateProcess
SSDT 87DF5438 ZwTerminateThread
SSDT 87DF56E8 ZwUnmapViewOfSection
SSDT 87DF59B8 ZwWriteVirtualMemory
SSDT 87DF6308 ZwCreateThreadEx

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 822B78A0 8 Bytes [B8, 50, DF, 87, 98, 51, DF, ...]
.text ntkrnlpa.exe!KeSetEvent + 131 822B78B4 4 Bytes [A8, 5A, DF, 87]
.text ntkrnlpa.exe!KeSetEvent + 13D 822B78C0 4 Bytes [C8, 2A, BD, 87] {ENTER 0xbd2a, 0x87}
.text ntkrnlpa.exe!KeSetEvent + 191 822B7914 4 Bytes [10, 68, DF, 87]
.text ntkrnlpa.exe!KeSetEvent + 1F5 822B7978 4 Bytes [00, 6E, DF, 87]
.text ...
? System32\drivers\bimjrw.sys Das System kann den angegebenen Pfad nicht finden. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Safari\Safari.exe[5608] USER32.dll!EndPaint 762FA28F 5 Bytes JMP 68D5F560 C:\Program Files\Common Files\Apple\Apple Application Support\WebKit.dll (WebKit Dynamic Link Library/Apple Inc.)
.text C:\Program Files\Safari\Safari.exe[5608] USER32.dll!BeginPaint 762FA2A3 5 Bytes JMP 68D5F4F0 C:\Program Files\Common Files\Apple\Apple Application Support\WebKit.dll (WebKit Dynamic Link Library/Apple Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AsDsm.sys (Data Security Manager Driver/Windows (R) Codename Longhorn DDK provider)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----




Thank you, thank you, thank you to anyone who can help me

Kind regards

 
