
Pests of all kinds and how to combat them: Program cannot display the web page...Trojan


08.02.2012, 17:08   #16
kira
/// Helper team

1.
Quote:
Attention, important!:
If you have made changes in the log file yourself, you must replace them with the original names and paste them into the script that way, otherwise it will not work!
(user folder, your name or other changes replaced with X, asterisks or other names)
Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:
:OTL
O4 - HKLM..\Run: [InetAccelerator] C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [InetAccelerator.] C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKU\Familie_Caliebe_ON_C..\Run: [InetAccelerator] C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\InetAccelerator\InetAccelerator.exe) - C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\InetAccelerator.exe) - C:\Windows\System32\InetAccelerator.exe (MacroSoft)
[2012/02/03 13:37:26 | 000,335,872 | ---- | C] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2012/02/03 12:40:39 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator
[2012/02/03 12:40:38 | 000,335,872 | ---- | M] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2011/12/14 21:27:04 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Aqefwi

:Commands
[purity]
[emptytemp]
         
  • and paste it in here:
  • Close all programs.
  • Click the Fix button.
  • Click on .
  • OTL will ask for a restart. Please allow it.
  • After the restart you will find a text document.
    Copy its contents here into your thread.

2.
TDSSKiller by Kaspersky
  • Download TDSSKiller and unpack the archive to your desktop.
  • Make sure that TDSSKiller.exe is located directly on the desktop (not in a folder on the desktop).
  • Temporarily disable your antivirus program.
  • Start TDSSKiller.exe by double-clicking it.
  • When it has finished, the tool suggests restarting the system.
    Confirm this with Y(es) if necessary.
    During system startup the driver performs all scheduled operations and then deletes itself.
  • Post the contents of C:\TDSSKiller<random>.txt here in the thread.
You can find more detailed instructions here.

3.
Run another scan with OTL:
  • Double-click OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output.
  • Under Extra Registry please select Use SafeList.
  • Tick LOP Check and Purity Check.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

► Report again on the state of the computer: are there still problems, and if so, which?
__________________

Warning!:
Be careful with invoices sent by email with a ZIP file attached! It may be infected with an encryption Trojan!
Do not open the attachment; ask in our forum first!

Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice in different places!
Please pass this warning on wherever you can!

Last edited by kira (08.02.2012 at 17:29)
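
As an added example (not part of kira's post and not OTL's own logic), the following Python sketch triages the `O4` Run and `O20` Winlogon lines of an OTL log, to show why entries like those in the fix script above stand out. The sample lines are copied from the logs in this thread; the rules, the function names and the assumption that %SystemRoot% is C:\Windows are assumptions of this example.

```python
import re

# Autostart lines copied from the OTL logs posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [InetAccelerator] C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [InetAccelerator.] C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKU\Familie_Caliebe_ON_C..\Run: [InetAccelerator] C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [NPCTray]  File not found
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\InetAccelerator\InetAccelerator.exe) - C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\InetAccelerator.exe) - C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe) -  File not found
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\Explorer.exe) -  File not found
"""

RUN_RE = re.compile(r"^O4 - (?P<hive>\S+?)\.\.\\Run: \[(?P<name>[^\]]*)\]\s*(?P<rest>.*)$")
WINLOGON_RE = re.compile(
    r"^O20 - (?P<hive>\S+) Winlogon: (?P<name>Shell|UserInit)"
    r" - \((?P<data>.*?)\) -\s*(?P<rest>.*)$")
FILE_RE = re.compile(r"^(?P<path>.*?)\s*\((?P<company>[^()]*)\)$")

# Heuristic of this example: data directories are unusual homes for autostart binaries.
DATA_DIRS = ("\\appdata\\", "\\programdata\\", "\\temp\\")
# Stock Winlogon values, assuming %SystemRoot% = C:\Windows (as the log header states).
WINLOGON_DEFAULTS = {
    "Shell": {"explorer.exe", r"c:\windows\explorer.exe"},
    "UserInit": {r"c:\windows\system32\userinit.exe"},
}
ONLY_MISSING = {"target missing"}


def parse_entry(line):
    """Turn one O4 Run or O20 Winlogon line into a dict, or None for other lines."""
    line = line.strip()
    m = RUN_RE.match(line)
    kind = "Run"
    if not m:
        m = WINLOGON_RE.match(line)
        kind = "Winlogon"
    if not m:
        return None
    rest = m.group("rest").strip()
    missing = rest == "File not found"
    fm = None if missing else FILE_RE.match(rest)
    path = fm.group("path") if fm else ("" if missing else rest)
    # For Winlogon the registry data in parentheses is what Windows would launch.
    data = m.group("data") if kind == "Winlogon" else path
    return {
        "kind": kind, "hive": m.group("hive"), "name": m.group("name"),
        "target": data.rstrip(",").lower(),
        "company": fm.group("company").strip() if fm else "",
        "missing": missing,
    }


def assess(entry):
    """Return the list of reasons an entry deserves a closer look (may be empty)."""
    reasons = []
    if any(d in entry["target"] for d in DATA_DIRS):
        reasons.append("runs from a data directory")
    if (entry["kind"] == "Winlogon"
            and entry["target"] not in WINLOGON_DEFAULTS[entry["name"]]):
        reasons.append("non-default Winlogon value")
    if entry["missing"]:
        reasons.append("target missing")
    return reasons


def triage(log_text):
    """Score every autostart line, then pull in entries that share a flagged file."""
    entries = [e for e in map(parse_entry, log_text.splitlines()) if e]
    scored = [(e, assess(e)) for e in entries]
    flagged = {e["target"] for e, r in scored if set(r) - ONLY_MISSING}
    findings = []
    for e, reasons in scored:
        if not reasons and e["target"] in flagged:
            reasons.append("same file as a flagged entry")
        if reasons:
            findings.append((e["kind"], e["hive"], e["name"], e["target"], reasons))
    return findings


if __name__ == "__main__":
    for kind, hive, name, target, reasons in triage(SAMPLE_LOG):
        print(f"{kind:8} {hive:26} {name:16} {'; '.join(reasons)}")
        print(f"         {target or '(no path in log)'}")
```

The second pass matters here: the `HKLM` Run entry in System32 trips no rule on its own and is only picked up because the Winlogon UserInit value points at the same file.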

10.02.2012, 21:14   #17
piranya

Here is the fix report

Code:
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\InetAccelerator deleted successfully.
C:\Windows\System32\InetAccelerator.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\InetAccelerator. deleted successfully.
C:\ProgramData\InetAccelerator\InetAccelerator.exe moved successfully.
Registry value HKEY_USERS\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\InetAccelerator deleted successfully.
C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\ProgramData\InetAccelerator\InetAccelerator.exe deleted successfully.
File C:\ProgramData\InetAccelerator\InetAccelerator.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Windows\system32\InetAccelerator.exe deleted successfully.
File C:\Windows\System32\InetAccelerator.exe not found.
File C:\Windows\System32\InetAccelerator.exe not found.
C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator folder moved successfully.
File C:\Windows\System32\InetAccelerator.exe not found.
C:\Users\Familie Caliebe\AppData\Roaming\Aqefwi folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Familie Caliebe
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
 
Total Files Cleaned = 0.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 02102012_210114
         
__________________


10.02.2012, 21:35   #18
piranya

This Kaspersky finds nothing and on startup cannot do the following:

I loaded the program in reatogo.
I would not know how to switch off AntiVir in there.

1. Can't initialize log
2. Can't load driver

Then I cannot find a log file at the given location, and besides, the program finds no error.

But I will then run OTLPE again.
__________________

10.02.2012, 21:43   #19
piranya

Code:
OTL logfile created on: 2/10/2012 9:39:32 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92.21 Gb Total Space | 16.82 Gb Free Space | 18.24% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 441.39 Gb Free Space | 94.77% Space Free | Partition Type: NTFS
Drive G: | 364.76 Gb Total Space | 327.71 Gb Free Space | 89.84% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/10/21 09:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 11:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/11 07:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 07:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/07/08 15:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/09/29 03:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/04/05 14:55:01 | 000,116,104 | ---- | M] () [Auto] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/11/13 06:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/08/21 09:24:02 | 000,070,336 | ---- | M] () [On_Demand] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2008/06/01 13:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/06/01 13:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/06/01 13:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/04/25 07:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008/04/20 11:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/28 09:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/24 05:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/01/24 05:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2011/12/10 09:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/12/10 04:44:02 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/11 08:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/11 08:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 08:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/09 08:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/17 11:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/01 13:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC)
DRV - [2008/06/01 13:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/06/01 13:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2008/06/01 13:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008/05/27 06:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008/05/01 01:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/04/15 10:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008/04/03 07:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008/03/25 09:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/03/25 06:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/19 04:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/01/23 04:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/22 13:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007/11/29 02:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/10/18 07:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 04:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/07/27 05:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007/07/27 03:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007/01/04 13:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2005/01/06 22:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01  [binary data]
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/19 06:42:59 | 000,000,000 | ---D | M]
 
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/01/09 05:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
 
O1 HOSTS File: ([2011/07/14 21:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\Familie_Caliebe_ON_C\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] C:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NPCTray]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe) -  File not found
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\Explorer.exe) -  File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/08 10:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012/02/08 10:58:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/08 09:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/03 12:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012/02/03 09:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24
[2012/02/01 11:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 11:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/01 11:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/31 03:51:01 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/08 05:41:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/08 05:37:22 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/08 05:37:22 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/08 05:36:50 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/08 05:36:50 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/08 05:36:48 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/02/03 14:10:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/03 13:37:28 | 000,000,274 | ---- | M] () -- C:\Windows\win.ini
[2012/02/03 13:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2012/02/03 07:52:48 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
[2012/02/01 11:57:29 | 001,445,310 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012/02/01 11:57:29 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/02/01 11:57:29 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/01 11:57:29 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/02/01 11:57:29 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/01 11:41:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 04:31:07 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk
[2012/02/01 04:31:07 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/01/26 18:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2011/11/24 10:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini
[2011/11/22 02:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2011/11/22 02:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2011/11/22 02:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2011/11/22 02:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2011/11/22 02:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2011/11/22 02:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2011/10/13 20:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/05/16 09:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
[2011/04/28 13:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/16 12:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/16 12:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/01/16 12:37:40 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2010/11/21 15:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png
[2010/05/08 12:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009/09/23 18:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/08/31 13:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2009/08/05 03:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/07/19 08:56:48 | 000,049,152 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/14 07:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/07/14 07:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat
[2009/07/05 14:35:33 | 000,113,416 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/05/29 10:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/29 10:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/09/12 10:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/08/13 09:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/08/13 09:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/08/13 08:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/08/13 08:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/08/13 08:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/08/13 08:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/06/01 13:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/04/25 07:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008/04/09 05:19:15 | 001,445,310 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2008/04/09 04:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/09 04:14:36 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/09 04:14:36 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/09 04:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/01/20 21:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2007/12/21 09:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/09/04 06:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/02/05 14:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:37:35 | 000,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 07:37:35 | 000,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:35 | 000,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:35 | 000,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:34:41 | 000,197,632 | ---- | C] () -- C:\Windows\System32\ir32_32.dll
[2006/11/02 05:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2006/11/02 05:23:31 | 000,000,274 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 05:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 02:10:37 | 000,053,536 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2006/11/02 02:10:02 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe
[2006/11/02 02:10:00 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe
[2006/11/02 02:09:59 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com
[2006/11/02 02:09:59 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM
[2006/11/02 02:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe
[2006/11/02 02:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe
[2006/11/02 02:09:57 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM
[2006/11/02 02:09:56 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe
[2006/11/02 02:09:55 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe
[2006/11/02 02:09:55 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM
[2006/11/02 02:09:53 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe
[2006/11/02 02:09:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe
[2006/11/02 02:09:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe
[2006/11/02 02:09:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe
[2006/11/02 02:09:49 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM
[2006/11/02 02:09:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe
[2006/11/02 02:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys
[2006/11/02 02:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 02:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS
[2006/11/02 02:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 01:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll
[2006/04/21 03:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2005/07/22 14:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001/10/10 01:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll
[2001/10/10 01:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll
[2001/03/07 01:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll
 
========== LOP Check ==========
 
[2011/04/15 09:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon
[2010/11/21 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer
[2012/02/03 11:08:38 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox
[2010/12/09 11:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter
[2009/09/20 10:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0
[2009/10/19 14:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe
[2009/09/18 09:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView
[2011/12/14 04:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes
[2011/11/15 02:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks
[2009/08/04 04:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware
[2011/12/10 09:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer
[2011/04/27 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia
[2010/06/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape
[2011/01/27 04:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org
[2010/11/19 07:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite
[2009/09/20 17:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet
[2011/11/25 12:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg
[2011/05/12 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion
[2011/07/14 14:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer
[2009/07/14 07:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template
[2010/11/21 18:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom
[2009/11/09 13:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/01/08 14:59:53 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2009/08/04 04:04:09 | 000,000,000 | ---D | M] -- C:\ProgramData\BTrieve
[2011/03/09 06:18:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2011/03/09 06:37:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonEPP
[2011/04/15 09:26:52 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJ
[2011/05/20 07:14:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX
[2011/03/09 06:37:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX2
[2011/03/09 06:23:09 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJMSetup
[2011/03/09 06:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJMyPrinter
[2012/02/02 06:37:18 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2011/04/15 09:27:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJScan
[2011/03/09 06:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJSolutionMenuEX
[2011/03/09 06:21:01 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJWSpt
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/01/09 05:56:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Haufe
[2009/07/05 15:39:43 | 000,000,000 | ---D | M] -- C:\ProgramData\HDBR31
[2012/02/10 21:01:18 | 000,000,000 | ---D | M] -- C:\ProgramData\InetAccelerator
[2010/11/19 09:58:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2011/09/29 14:10:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexware
[2011/12/14 04:49:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Mobile Master
[2010/11/19 09:59:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Nokia
[2010/11/19 07:30:46 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaInstallerCache
[2010/11/19 07:42:06 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaMusic
[2010/11/19 07:39:33 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2009/09/20 17:33:55 | 000,000,000 | ---D | M] -- C:\ProgramData\PixelPlanet
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/11/30 15:56:33 | 000,000,000 | ---D | M] -- C:\ProgramData\TomTom
[2009/11/09 13:10:07 | 000,000,000 | ---D | M] -- C:\ProgramData\VistaCodecs
[2010/11/07 04:46:32 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2009/07/05 14:34:29 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/09/21 14:13:41 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/03 14:10:32 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/03 07:52:48 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
 
========== Purity Check ==========
 
 
< End of report >
         

10.02.2012, 21:45   #20
piranya


Code:
ATTFilter
OTL Extras logfile created on: 2/10/2012 9:39:32 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92.21 Gb Total Space | 16.82 Gb Free Space | 18.24% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 441.39 Gb Free Space | 94.77% Space Free | Partition Type: NTFS
Drive G: | 364.76 Gb Total Space | 327.71 Gb Free Space | 89.84% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Familie_Caliebe_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
 
< End of report >
         


Alt 10.02.2012, 22:05   #21
piranya
 

Hey kira,

I have now risked a restart and am back in Vista.


Thanks already. However, I am fairly sure that this has not fixed the problem, only suppressed it.

My system immediately asks for a Java update.

What should I do now?

What would be a good way to protect myself overall?
I assume that once I have backed up my data (how do I do that without taking viruses and trojans along?), I should format the disk. After that I can install Windows 7.

piranya

Alt 11.02.2012, 09:30   #22
kira
/// Helfer-Team
 

OK, then this is how we continue:

1.
Download Malwarebytes Anti-Malware from → malwarebytes.org
  • Install it and start it with a double-click.
  • Set the language to German and update the databases right away (online update).
  • Select "Komplett Scan durchführen" (perform full scan) and tick every box.
  • When the scan has finished, click "Zeige Resultate" (show results).
  • Select all findings (if MBAM reports anything in C:\System Volume Information, please remove the tick there) and click "Löschen" / "Ausgewähltes entfernen" (delete / remove selected).
  • Post the result here in the thread; you will find the report under "Scan-Berichte" (scan reports).
An illustrated guide is available here: Anleitung/virus-protect.org

2.
Do NOT start OTLPE!! Instead:

System scan with OTL

Download OTL by Oldtimer (if you do not have it yet) and save it to your desktop.
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry please select Use SafeList.
  • Tick LOP Check and Purity Check.
  • Now click Scan at the top left.


  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

3.
To find out whether outdated or malicious software is installed under Programs, I would also like to see all your installed programs:
  • Download CCleaner
  • Read the software licence agreement; if any toolbar is offered, please deselect it! -> start -> if necessary, set the language to "Deutsch".
  • Start it -> click `Extras` (to display the software installed on your system) -> then click `Als Textdatei speichern...` (save as text file)
  • A text file is created automatically; post this log file too (i.e. the list of all installed programs... a text file)

4.
Runs under XP, Vista (32-bit) and Windows 7 (32-bit)
Attention!:
IF GMER CANNOT BE RUN OR CAUSES PROBLEMS, continue with the next item! It does NOT make sense to start a second attempt!
To get a deeper look into your system and detect a possible infection with a rootkit (info at wikipedia.org), we will use a tool, Gmer:
  • - so download Gmer and unpack it to your desktop
    - start gmer.exe
    - close all programs; in addition, antivirus and other protection programs etc. must be disabled, and there must be no connection to the Internet (disconnect WLAN too)
    - please do not do anything on the PC while the scan is running!
    - click "Scan" to start the tool
    - when the scan is finished, click "Copy" (the log is automatically copied to the clipboard) and paste it right away with CTRL + V
    - "Ok" closes GMER.
    - paste the complete log from the clipboard here into your thread

** no connection to a network or the Internet - do not forget WLAN
When the scan is finished, please re-enable all programs and tools!
Guide:-> GMER - Rootkit Scanner

5.
Check with MBR -t whether the Master Boot Record is OK (MBR rootkit)

With the following tool we check whether something malicious has lodged itself in the Master Boot Record.
  • Download MBR.exe by Gmer and
    copy the file mbr.exe into the folder C:\Windows\system32.
    If you cannot see the folder, make these settings in the folder options.
  • Start => Run => cmd (type it in) => OK
    A command prompt opens.

    Vista and Windows 7 users: Start => All Programs => Accessories => right-click Command Prompt and choose Run as administrator.
  • After the prompt (>_), type the following

    from the code box manually, or alternatively copy it to the clipboard with CTRL + C and paste it.
    Pasting in the command prompt: right-click in the title bar => Edit => Paste.

    Code:
    mbr.exe -t > C:\mbr.log & C:\mbr.log
             
    (press Enter)
  • After a short time your editor will open and show the file C:\mbr.log.
    Please copy the contents here into your thread.
__________________

Warning!:
Be careful with invoices sent by email with a ZIP file attached! It may be infected with an encryption trojan!
Do not open the attachment; ask in our forum first!

Back up your data regularly, to CD/DVD, USB sticks or external hard drives, ideally 2x in different places!
Please pass this warning on wherever you can!

Alt 11.02.2012, 12:02   #23
piranya
 

Hi, so here we go:

Malware log:
Code:
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.10.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19170
Familie Caliebe :: FAMCALIEBE-PC [Administrator]

Schutz: Aktiviert

10.02.2012 22:12:31
mbam-log-2012-02-10 (22-12-31).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 452103
Laufzeit: 3 Stunde(n), 52 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Trojan.Agent) -> Daten: C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe,C:\Users\Familie Caliebe\AppData\Roaming\Explorer.exe, -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\$Recycle.Bin\S-1-5-21-2760801815-2772606527-509779656-1000\$RKNJ6OT.exe (Trojan.Cryptpin.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02102012_210114\C_ProgramData\InetAccelerator\InetAccelerator.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02102012_210114\C_Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02102012_210114\C_Windows\System32\InetAccelerator.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
OTL Logfile:
Code:
OTL logfile created on: 11.02.2012 11:38:33 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 54,76% Memory free
6,07 Gb Paging File | 4,24 Gb Available in Paging File | 69,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 13,65 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 441,36 Gb Free Space | 94,76% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 327,71 Gb Free Space | 89,84% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 86,84 Gb Free Space | 18,64% Space Free | Partition Type: NTFS
 
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
PRC - [2012.01.18 19:54:06 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.16 12:54:22 | 000,220,744 | ---- | M] (Geek Software GmbH) -- C:\Program Files\pdf24\pdf24.exe
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.19 12:42:39 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.12 20:36:26 | 002,260,992 | ---- | M] (FIC) -- C:\Program Files\Launch Pad\LaunchPad.exe
PRC - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008.06.19 13:03:22 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
PRC - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe
PRC - [2008.05.08 06:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008.04.20 17:30:16 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.03.14 12:09:56 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008.01.22 19:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.10.29 13:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007.10.04 17:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.01.27 10:13:37 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.01.18 15:50:02 | 000,417,792 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\adobexmp.dll
MOD - [2008.06.19 13:14:12 | 000,107,280 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.dll
MOD - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2008.06.19 13:05:28 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
MOD - [2008.06.19 13:05:04 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
MOD - [2008.06.19 13:04:54 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
MOD - [2008.06.19 13:04:08 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll
MOD - [2008.06.19 13:03:56 | 000,344,336 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
MOD - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
MOD - [2008.06.01 19:44:20 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe
MOD - [2005.07.22 20:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010.09.29 09:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.08.21 15:24:02 | 000,070,336 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2008.06.01 19:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.01.24 11:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.01.24 11:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.12.10 15:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.12.10 10:44:02 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.12.09 14:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.17 17:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.01 19:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC)
DRV - [2008.06.01 19:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.06.01 19:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2008.06.01 19:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008.05.27 12:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.05.01 07:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.15 16:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008.04.03 13:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008.03.25 15:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008.03.25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008.03.19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.01.23 10:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.01.22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007.11.29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.10.18 13:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.02 10:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.07.27 11:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007.07.27 09:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007.01.04 19:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System | Running] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2005.01.07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.11.19 12:42:59 | 000,000,000 | ---D | M]
 
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.01.09 11:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
 
O1 HOSTS File: ([2011.07.15 03:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F1352B-26BE-42F8-A68D-EFC7DA290643}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB303501-7B79-4119-B373-F5AF1B598B00}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.12.15 08:01:46 | 000,000,113 | ---- | M] () - G:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.11 11:32:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
[2012.02.11 02:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.11 02:36:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.10 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\Malwarebytes
[2012.02.10 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.10 22:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.10 22:11:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.08 16:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.02.08 16:58:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.08 15:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.02.03 18:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012.02.03 15:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24
[2012.02.01 17:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.01 17:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.01 17:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
[2012.02.11 10:27:57 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 10:27:57 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 04:11:14 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.02.11 03:21:50 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.11 03:21:50 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.11 03:21:50 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.11 03:21:50 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.11 02:28:30 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.02.11 02:27:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.11 02:27:49 | 3150,782,464 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.11 02:26:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.10 21:53:55 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
[2012.02.03 19:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2012.02.01 10:31:07 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk
[2012.02.01 10:31:07 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2012.02.10 21:47:55 | 3150,782,464 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.24 16:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini
[2011.11.22 08:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2011.11.22 08:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2011.11.22 08:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2011.11.22 08:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2011.11.22 08:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2011.11.22 08:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2011.10.14 02:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.05.16 15:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
[2011.04.28 19:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.16 18:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.01.16 18:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.11.21 21:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png
[2010.05.08 18:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009.09.24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.08.31 19:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2009.08.05 09:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.07.19 14:56:48 | 000,049,152 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.14 13:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.07.14 13:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat
[2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.08.13 14:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008.08.13 14:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008.08.13 14:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008.08.13 14:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.06.01 19:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008.04.25 13:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008.04.09 10:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.09 10:14:36 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.09 10:14:36 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.09 10:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.12.21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.04.21 09:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001.10.10 07:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll
[2001.10.10 07:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll
[2001.03.07 07:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll
 
========== LOP Check ==========
 
[2011.04.15 15:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon
[2010.11.22 00:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer
[2012.02.11 08:52:37 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox
[2010.12.09 17:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter
[2009.09.20 16:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0
[2009.10.19 20:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe
[2009.09.18 15:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView
[2011.12.14 10:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes
[2011.11.15 08:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks
[2009.08.04 10:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware
[2011.12.10 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer
[2011.04.27 20:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia
[2010.06.07 13:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape
[2011.01.27 10:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org
[2010.11.19 13:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite
[2009.09.20 23:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet
[2011.11.25 18:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg
[2011.05.12 22:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion
[2011.07.14 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer
[2009.07.14 13:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template
[2010.11.22 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom
[2009.11.09 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs
[2012.02.11 02:26:36 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.02.10 21:53:55 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
 
========== Purity Check ==========
 
 

< End of report >
         
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 11.02.2012 11:38:33 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 54,76% Memory free
6,07 Gb Paging File | 4,24 Gb Available in Paging File | 69,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 13,65 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 441,36 Gb Free Space | 94,76% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 327,71 Gb Free Space | 89,84% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 86,84 Gb Free Space | 18,64% Space Free | Partition Type: NTFS
 
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028B4C32-C2D9-4394-902F-B9142219333C}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{04F92F9A-138C-42BC-921A-6E929B789ACE}" = lport=139 | protocol=6 | dir=in | app=system | 
"{0CF2E451-41AC-4B16-B11E-81C4D558ADF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{0F94B7EE-08A7-49B0-916F-DBEBF25DF505}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{14B0B50E-0819-4BBD-84A1-F51E92743180}" = lport=138 | protocol=17 | dir=in | app=system | 
"{177BBE08-15EF-4FFF-88EB-3E17CA93AFE0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{399FDB8C-5179-42B2-A847-F738A011EA7D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3D2C6B5F-2B58-4FF8-995D-7B8DCC4AFA97}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{4BB8119E-E588-4963-B0F7-667AA204AF76}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4C864EF2-4DB2-4AD5-829C-BAA34CA3F038}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{4F230D45-7BEE-498C-85F3-091CC6D56780}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{529CD8FE-D9D3-46B8-8E7A-B6C8BA20C872}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{56E53D23-9C46-4171-B4BD-EFEFDE2DBCA6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{5FC96C63-4C16-45BD-AD48-836411891633}" = lport=137 | protocol=17 | dir=in | app=system | 
"{61357620-41F8-48DD-AFFD-228457F83830}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{692D14CA-E8EA-4C5D-B2C8-4E124BE5ABC0}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 | 
"{74C16965-AF24-48D7-B913-7A95C4B7A475}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{8248A5D1-C496-4E05-AF87-7119575749AE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{8345D527-2093-4C85-B5B9-DC13EF97E7CE}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{8DF2E9DE-924C-48D9-A533-910B82DAD3F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8F631649-75FD-476B-A8CA-F08361146E6D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{90F60FA8-7C36-4BC7-B476-A76F1CA349F8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{97A07EDA-C778-485D-8250-2B9526CD87A1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{ADC075BE-47C4-4E1C-A951-89C496952C3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AEBCB133-9BA5-4C3A-8BC5-7408E0096418}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B157AC96-138D-42F7-9D03-1BD53F3AECEE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B16315F2-2295-4409-826B-EB0C60194D4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B787F7C8-758E-4D0B-AF40-4D0E936A6A40}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B9EC8EB4-BAFD-4FC1-86E3-7E809FF82DF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C75F07D7-7439-4878-9700-FD62FB9ECB4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{C793794A-107A-466E-B0F5-044E487FF23F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 | 
"{D4ECD863-4A9F-4CCC-A9DD-C95B8FE51F0C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{D81FE3F8-4BF9-4559-93B1-99B5F11296EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{E3A2B235-5E7E-41DE-8387-46E14FA5C8DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{E3B52225-2D40-45DD-A1C6-344AE1ADB81B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{EF823FEB-C81D-41FD-B2DB-2710D38C6451}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 | 
"{EF8868C3-56E3-431F-A11B-766A1E15DE42}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F7E23D1C-F8DD-4FC6-8C12-18A78E2EE947}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{FEF35F35-6B6E-4285-89AB-15789297896F}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16CFECE3-6272-40FB-AC9F-6E6884EFD3F1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{1CA5A966-6291-4188-86E8-C00AF13ECD63}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{2C29F314-74C9-4645-A2AB-4BDAA7ACB000}" = protocol=6 | dir=out | app=system | 
"{39BFA96F-2ED4-4B36-B4C8-47D40FAC1EA8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{400B3FCA-0462-4A41-A488-667BE7300515}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{53A783E9-71AA-49C6-BD46-B20324A38E94}" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe | 
"{5A6464F6-6CCB-4BB3-B009-1B73CC55E515}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{5BD806D7-EE42-4989-AFE3-874512F1DA7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5C0ACF25-5B53-4527-9C5A-3DDBD2095673}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{5CE22F28-378D-401F-BBC1-259DF989CA9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{63920450-A1B2-4B2C-9F3E-AE7202AC6EAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6915F986-0CF0-4252-8CAB-AFA6862DD3CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7135FA55-D064-47C0-92B5-E9FCDB97D550}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{73DBF261-8B04-4232-9CC0-3A2228604DB6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{783B9F82-EBCF-4356-9721-871AF9B48EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{7BD13045-E407-4990-8AFB-C46B6BB72D35}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{83867EC9-0C61-4457-914A-618BA58C8DAF}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{84FC65AC-3E38-4200-9616-1E907C8EEFEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{8795D016-BA9E-48B7-A82C-74BAFCF420EC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{8D81974A-7E85-4B63-BDBE-D1C7F581150E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8E09A290-C25D-47FA-9A86-A76DF1BFB6C2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{94C84392-7A31-4068-A672-44284F877D8C}" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\local\microsoft\windows\temporary internet files\content.ie5\8c97x96y\sweetimsetup[1].exe | 
"{95EDE25A-A91A-4AD6-870B-45486836220C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{98B9728F-D9CC-4900-AEB7-D732AE63DE4D}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{9E6F1110-EDAC-421F-B014-E8017C3C09FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A571B085-7546-453C-9725-9451132E1348}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A945F80E-19B0-44E5-9D84-64B55D1C9357}" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe | 
"{B785D447-A5FD-4085-8A20-E6A2A1E98237}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{BB970AD3-2015-421D-908A-603B3B44452F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{DC909859-9709-48C2-8BEC-A1A4D49BA1F3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{DDB96144-E043-4151-BE55-68856F397BD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{E201A4B9-4995-422C-B098-BBA1D2FF7D87}" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\local\microsoft\windows\temporary internet files\content.ie5\8c97x96y\sweetimsetup[1].exe | 
"{E82D08A7-FE1F-47F8-95AC-6F0A7EAB25C8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{EDE2310D-B442-416F-8C6D-96C4938DC523}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{F34D272E-9668-447D-A99C-0171C0BA3F39}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{F8694076-8ED2-4F50-A017-ECBFC033E2EB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{FE627DAE-22D5-467F-BF75-5F501F6FE7E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{0C86B580-3484-4617-919F-1A61BA851173}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{1E1C8E01-4AEF-4C56-899C-1F7C459F9BA9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{5609AF03-403E-4DE3-86F7-B00CB7A481E5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"TCP Query User{6BF93385-690E-4499-801D-1078C3703FA1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"TCP Query User{813E93D8-B46E-4BA9-872F-86E6831A0B8B}C:\users\public\downloads\eclipse-java-helios-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\public\downloads\eclipse-java-helios-sr2-win32\eclipse\eclipse.exe | 
"TCP Query User{98F3BF9B-15FA-4422-8583-8976FE9272A9}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe | 
"TCP Query User{B078E111-3752-49D8-BE05-196EC7484287}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe | 
"TCP Query User{BA5CA1E8-95E3-4CC8-B169-1A189813514E}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | 
"TCP Query User{C9C70568-0C4D-42FD-8777-CF5B71E15738}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"TCP Query User{CC4C04DA-F5A4-4241-BA10-350903397661}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{212FE706-E691-4632-803C-C8F1E5FEE0C5}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{3F29293B-5D3C-45AD-8614-A9E483ABC3A6}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe | 
"UDP Query User{464AC7C3-7144-49B9-B6F2-1AAC3E68BDB8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{6FF4DEB1-1A1D-4ADD-AE18-DBC082FFEC37}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe | 
"UDP Query User{78049496-CEE4-4AFD-9FFA-C63054F6B7E8}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 
"UDP Query User{C00C8209-ED61-45F5-BA72-20AA1B962696}C:\users\public\downloads\eclipse-java-helios-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\public\downloads\eclipse-java-helios-sr2-win32\eclipse\eclipse.exe | 
"UDP Query User{DE671AA4-6E71-430D-AD1A-FE34A34417D8}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{E0922CB7-D8F9-4A3F-A2B4-1201D6D809A8}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{EC9D70E0-90EE-47D0-837B-258412B13D92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{FFC939BE-D69D-4FE6-A423-41A311E2FBFF}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description = 
 
[ OSession Events ]
Error - 05.05.2010 10:55:45 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 948
 seconds with 900 seconds of active time.  This session ended with a crash.
 
Error - 27.01.2011 06:03:18 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application 
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session 
lasted 10522 seconds with 120 seconds of active time.  This session ended with a
 crash.
 
Error - 18.02.2011 04:04:41 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 64754
 seconds with 6660 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 10.02.2012 21:30:04 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description = 
 
Error - 10.02.2012 21:30:04 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 10.02.2012 21:30:04 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 10.02.2012 21:31:01 | Computer Name = FamCaliebe-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 10.02.2012 21:32:07 | Computer Name = FamCaliebe-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description = 
 
Error - 10.02.2012 22:47:44 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 10.02.2012 22:51:36 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 10.02.2012 22:51:36 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 11.02.2012 06:14:19 | Computer Name = FamCaliebe-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie chkdsk auf Volume "SYSTEM" aus.
 
Error - 11.02.2012 06:14:21 | Computer Name = FamCaliebe-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie chkdsk auf Volume "SYSTEM" aus.
 
 
< End of report >
         

11.02.2012, 12:12   #24
piranya



Code:
ATTFilter
7-Zip 9.20		21.03.2011	3,54MB	
Activation Assistant for the 2007 Microsoft Office suites	Microsoft Corporation	04.07.2009	14,0MB	
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	09.01.2012		11.1.102.55
Adobe Reader 9.3 - Deutsch	Adobe Systems Incorporated	20.03.2010	162,5MB	9.3.0
Adobe Shockwave Player 11.5	Adobe Systems, Inc.	20.02.2010	8,37MB	11.5.6.606
ALPS Touch Pad Driver		12.08.2008		
Apple Application Support	Apple Inc.	31.01.2012	61,2MB	2.1.6
Apple Mobile Device Support	Apple Inc.	31.01.2012	24,1MB	4.0.0.97
Apple Software Update	Apple Inc.	20.09.2011	2,38MB	2.1.3.127
Avira Free Antivirus	Avira	21.12.2011	68,3MB	12.0.0.872
AXIS Media Control Embedded		01.01.2010	1,34MB	
Bing Bar	Microsoft Corporation	15.12.2011	26,9MB	7.0.850.0
Bluetooth Stack for Windows by Toshiba	TOSHIBA CORPORATION	13.07.2009	57,5MB	v6.00.05(FSC)
Bonjour	Apple Inc.	01.11.2011	1,04MB	3.0.0.10
Caillous Vorschule		10.03.2011	171,8MB	1.00.000
Canon Easy-PhotoPrint EX		08.03.2011	227MB	
Canon Easy-WebPrint EX		08.03.2011	6,81MB	
Canon Inkjet Printer/Scanner/Fax Extended Survey Program		08.03.2011	1,25MB	
Canon MG5100 series Benutzerregistrierung		08.03.2011	1,18MB	
Canon MG5100 series MP Drivers		08.03.2011	353MB	
Canon MP Navigator EX 4.0		08.03.2011	75,3MB	
Canon My Printer		08.03.2011	5,55MB	
Canon Solution Menu EX		08.03.2011	12,4MB	
CCleaner	Piriform	10.02.2012	4,24MB	3.15
Compatibility Pack für 2007 Office System	Microsoft Corporation	14.12.2011	56,2MB	12.0.6425.1000
Dropbox	Dropbox, Inc.	31.01.2012	26,2MB	1.2.51
Free Video Converter V 2.9	Koyote Soft	08.12.2010	11,8MB	2.9.0.0
Fujitsu Siemens Computers Recovery	Fujitsu Siemens Computers	04.07.2009	7,06MB	1.3.9
GIMP 2.6.7		10.09.2009	87,0MB	
GPL Ghostscript 8.64		02.08.2009	22,5MB	
GSview 4.9		02.08.2009	3,21MB	
Haufe iDesk-Browser	Haufe	08.01.2011	18,4MB	9.06.30.7144
Haufe iDesk-Service	Haufe	08.01.2011	135,7MB	9.08.21.7460
Hotkey Utility		12.08.2008	5,46MB	1.5.5
iCloud	Apple Inc.	31.01.2012	22,4MB	1.0.2.17
Intel(R) Network Connections Drivers		05.07.2009		
Intel® Matrix Storage Manager	Intel Corporation	04.07.2009	37,3MB	
IrfanView (remove only)		17.09.2009	11,3MB	
iTunes	Apple Inc.	31.01.2012	169,7MB	10.5.3.3
Java DB 10.6.2.1	Oracle	09.07.2011	29,9MB	10.6.2.1
Java(TM) 6 Update 22	Oracle	26.01.2011	97,1MB	6.0.220
Java(TM) 6 Update 30	Oracle	20.10.2010	97,1MB	6.0.300
Java(TM) SE Development Kit 6 Update 26	Oracle	09.07.2011	152,0MB	1.6.0.260
Jeliot 3.7.2 (powered by AIFB)	Institute AIFB, University of Karlsruhe	20.11.2010		
Juniper Networks Network Connect 6.5.0	Juniper Networks	24.10.2010	6,45MB	6.5.0.14951
Juniper Networks Network Connect 7.0.0	Juniper Networks	14.11.2011	4,56MB	7.0.0.18809
Juniper Networks Setup Client	Juniper Networks	14.11.2011	2,09MB	2.2.5.10685
Kids entdecken den menschlichen Körper		13.05.2010	3,72MB	1.00.000
Launch Pad 1.0.3	FIC, Inc.	12.08.2008	7,07MB	1.0.3
Lexware Info Service	Haufe-Lexware GmbH & Co.KG	28.09.2011	12,4MB	2.70.00.0081
Logitech QuickCam	Fujitsu-Siemens	13.07.2009	29,7MB	11.51.1056
Logitech QuickCam-Treiberpaket		13.07.2009		
Malwarebytes Anti-Malware Version 1.60.1.1000	Malwarebytes Corporation	09.02.2012	11,5MB	1.60.1.1000
Mathe Klasse 1 - 4		18.10.2009	44,3MB	
meinHausplaner		21.11.2011	1.246MB	
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	15.01.2011	37,0MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	26.08.2009	27,8MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	15.01.2011	120,3MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	15.01.2011	24,5MB	4.0.30319
Microsoft Office Enterprise 2007	Microsoft Corporation	30.08.2009	636MB	12.0.6425.1000
Microsoft Office Home and Student 2007	Microsoft Corporation	30.08.2009	297MB	12.0.6425.1000
Microsoft Office Live Add-in 1.3	Microsoft Corporation	15.01.2011	0,48MB	2.0.2313.0
Microsoft Office Outlook Connector	Microsoft Corporation	15.01.2011	6,13MB	12.0.6423.1000
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	14.12.2011	51,0MB	12.0.6425.1000
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs	Microsoft Corporation	02.09.2009	0,12MB	12.0.4518.1014
Microsoft Silverlight	Microsoft Corporation	13.10.2011	40,2MB	4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	15.01.2011	1,74MB	3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86)	Microsoft Corporation	15.01.2011	0,61MB	1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86)	Microsoft Corporation	15.01.2011	1,45MB	1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	04.08.2009	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	16.06.2011	0,29MB	8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	15.01.2011	0,19MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	15.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	29.10.2009	0,58MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	26.01.2011	0,57MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	16.06.2011	0,58MB	9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	25.10.2011	16,5MB	10.0.40219
Microsoft Works	Microsoft Corporation	15.01.2011		9.7.0621
MpcStar 5.1	www.mpcstar.com	13.06.2011	51,8MB	5.1
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	04.08.2009	1,28MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	15.01.2011	1,34MB	4.20.9876.0
MyPhoneExplorer	F.J. Wechselberger	09.12.2011	12,0MB	1.8.2
Nero 8 Essentials	Nero AG	04.07.2009	1.759MB	8.3.228
Nokia Connectivity Cable Driver	Nokia	18.11.2010	3,22MB	7.1.31.0
Nokia Ovi Application Installer 6.85.3011	Nokia	18.11.2010	61,9MB	
Nokia Ovi Content Copier 6.85.3011	Nokia	18.11.2010	61,9MB	
Nokia Ovi System Utilities 6.85.3018	Nokia	18.11.2010	61,9MB	
Nokia Photos	Nokia	18.11.2010	118,4MB	1.6.434
Nokia_Multimedia_Common_Components_2_5	Nokia	18.11.2010	18,9MB	2.6.86
NVIDIA Drivers		15.01.2011		
Octoshape Streaming Services		06.06.2010		
OpenOffice.org 3.3	OpenOffice.org	26.01.2011	413MB	3.3.9567
PC Connectivity Solution	Nokia	18.11.2010	12,8MB	10.39.0.0
PDF24 Creator 4.1.2	PDF24.org	21.12.2011	35,2MB	
PdfGrabber 5.0	PixelPlanet	20.09.2009	39,4MB	5.0.0.0
Picasa 3	Google, Inc.	13.02.2011	73,5MB	3.8
PlayReady PC runtime	Microsoft Corporation	12.08.2008	1,02MB	1
Power Manager 2.8.3	FIC, Inc.	12.08.2008	2,28MB	2.8.3
ProtectDisc Helper Driver 10		05.05.2010	96,00KB	10.0.0.3
QuickTime	Apple Inc.	01.11.2011	73,3MB	7.71.80.42
RealPlayer	RealNetworks	18.11.2010	92,6MB	
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	12.08.2008		
Rgb2Cmyk 1.3	Smokingun Graphics	17.09.2009	1,63MB	1.3
Roadkil's Unstoppable Copier Version 5.2	Roadkil.Net	26.01.2011	0,81MB	
Scribus 1.3.3.13	The Scribus Team	02.08.2009	73,8MB	1.3.3.13
Skype Toolbars	Skype Technologies S.A.	14.06.2011	6,58MB	5.3.7555
Skype™ 5.3	Skype Technologies S.A.	14.06.2011	22,6MB	5.3.116
Spelling Dictionaries Support For Adobe Reader 9	Adobe Systems Incorporated	20.03.2010	29,7MB	9.0.0
SystemDiagnostics	Fujitsu Siemens Computers       	04.07.2009	13,6MB	2.01.0004
TAXMAN 2011	Haufe-Lexware GmbH & Co.KG	28.09.2011	451MB	17.05.00.0003
TomTom HOME 2.7.3.1894	TomTom	29.11.2009	48,7MB	2.7.3.1894
TomTom HOME Visual Studio Merge Modules	TomTom International B.V.	29.11.2009	1,88MB	1.0.2
Vista Codec Package	Shark007	08.11.2009	52,2MB	5.4.7
VLC media player 1.0.5	VideoLAN Team	07.05.2010	76,1MB	1.0.5
WGW Deutsch 1	TOPOS	14.03.2010	19,5MB	1.00.0000
WGW Deutsch 2	TOPOS	14.03.2010	13,8MB	1.00.0000
WGW Deutsch 3	TOPOS	14.03.2010	15,1MB	1.00.0000
WGW Deutsch 4	TOPOS	14.03.2010	17,0MB	1.00.0000
Windows Live Anmelde-Assistent	Microsoft Corporation	15.01.2011	1,93MB	5.000.818.5
Windows Live Essentials	Microsoft Corporation	15.01.2011	158,2MB	14.0.8117.0416
Windows Live Sync	Microsoft Corporation	15.01.2011	2,79MB	14.0.8117.416
Windows Live-Uploadtool	Microsoft Corporation	15.01.2011	0,22MB	14.0.8014.1029
Windows Mobile-Gerätecenter	Microsoft Corporation	29.09.2011	24,2MB	6.0.6783.0
Windows Mobile-Gerätecenter: Treiberupdate	Microsoft Corporation	29.09.2011	35,4MB	6.0.6783.0
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	18.11.2010		08/22/2008 7.0.0.0
Zahlenbuch 2		18.11.2009	108,4MB
         

12.02.2012, 12:17   #25
kira
/// Helper Team
 
Please also take care of 4. and 5.!
__________________

Warning!:
Be careful with invoices sent by email with a ZIP file attached! They may be infected with an encryption trojan!
Do not open the attachment; ask in our forum first!

Back up your data regularly to CD/DVD, USB sticks or external hard drives, ideally twice and in different locations!
Please pass this warning on wherever you can!

15.02.2012, 17:02   #26
piranya
 
I was working on it, but I also had an exam to write in the meantime...

So, next step
[code]
GMER Logfile:
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-02-15 16:59:29
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O
Running: ujo94itv.exe; Driver: C:\Users\FAMILI~1\AppData\Local\Temp\uxtyaaow.sys


---- System - GMER 1.0.15 ----

SSDT    908896AE                                                                                                                                             ZwCreateSection
SSDT    908896B8                                                                                                                                             ZwRequestWaitReplyPort
SSDT    908896B3                                                                                                                                             ZwSetContextThread
SSDT    908896BD                                                                                                                                             ZwSetSecurityObject
SSDT    908896C2                                                                                                                                             ZwSystemDebugControl
SSDT    9088964F                                                                                                                                             ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text   ntkrnlpa.exe!KeSetEvent + 215                                                                                                                        822B3998 4 Bytes  [AE, 96, 88, 90]
.text   ntkrnlpa.exe!KeSetEvent + 539                                                                                                                        822B3CBC 4 Bytes  [B8, 96, 88, 90]
.text   ntkrnlpa.exe!KeSetEvent + 56D                                                                                                                        822B3CF0 4 Bytes  [B3, 96, 88, 90]
.text   ntkrnlpa.exe!KeSetEvent + 5D1                                                                                                                        822B3D54 4 Bytes  [BD, 96, 88, 90]
.text   ntkrnlpa.exe!KeSetEvent + 619                                                                                                                        822B3D9C 4 Bytes  [C2, 96, 88, 90] {RET 0x8896; NOP }
.text   ...                                                                                                                                                  
?       System32\drivers\buwrttcw.sys                                                                                                                        Das System kann den angegebenen Pfad nicht finden. !
.text   C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                                                             section is writeable [0x8EE00340, 0x3E6A37, 0xE8000020]
.reloc  C:\Windows\system32\drivers\acehlp10.sys                                                                                                             section is executable [0x8EAAAB80, 0x37FC7, 0xE0000060]
.reloc  C:\Windows\system32\drivers\acedrv10.sys                                                                                                             section is executable [0x8A3B8000, 0x459C1, 0xE0000060]

---- User code sections - GMER 1.0.15 ----

.text   C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] kernel32.dll!SetUnhandledExceptionFilter                                                 772AA8C5 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- User IAT/EAT - GMER 1.0.15 ----

IAT     C:\Windows\system32\wuauclt.exe[172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                     [000B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\wuauclt.exe[172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                          [000B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\wuauclt.exe[172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                            [000B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\wuauclt.exe[172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                [000B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\RtHDVCpl.exe[900] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                             [003B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\RtHDVCpl.exe[900] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                                  [003B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\RtHDVCpl.exe[900] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                    [003B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\RtHDVCpl.exe[900] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                        [003B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Power Manager\PM.exe[928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                               [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Power Manager\PM.exe[928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                    [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Power Manager\PM.exe[928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                      [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Power Manager\PM.exe[928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                          [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Media Player\wmpnscfg.exe[1260] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                 [002D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Media Player\wmpnscfg.exe[1260] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                      [002D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Media Player\wmpnscfg.exe[1260] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                        [002D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Media Player\wmpnscfg.exe[1260] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                            [002D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\Apoint.exe[1536] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                               [003B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\Apoint.exe[1536] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                    [003B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\Apoint.exe[1536] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                      [003B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\Apoint.exe[1536] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                          [003B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                              [002C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                   [002C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                     [002C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                         [002C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE[1936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                               [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE[1936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                    [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE[1936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                      [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE[1936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                          [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[2104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                     [001A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[2104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                          [001A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[2104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]            [001A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[2104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                [001A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[2256] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                       [00802F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[2256] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                            [00802D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[2256] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                              [00802CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[2256] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                  [00802CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Defender\MSASCui.exe[2604] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                      [00192F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Defender\MSASCui.exe[2604] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                           [00192D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Defender\MSASCui.exe[2604] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                             [00192CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Defender\MSASCui.exe[2604] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                 [00192CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[2748] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [02512F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[2748] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                           [02512D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[2748] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]             [02512CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[2748] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                 [02512CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[2976] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                       [01D42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[2976] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                            [01D42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[2976] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]              [01D42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[2976] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                  [01D42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Hotkey Utility\tray.exe[3132] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                           [003C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Hotkey Utility\tray.exe[3132] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                [003C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Hotkey Utility\tray.exe[3132] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                  [003C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Hotkey Utility\tray.exe[3132] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                      [003C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\rundll32.exe[3240] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                   [000A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\rundll32.exe[3240] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [000A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\rundll32.exe[3240] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [000A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\rundll32.exe[3240] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [000A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Launch Pad\LaunchPad.exe[3252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                          [00392F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Launch Pad\LaunchPad.exe[3252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                               [00392D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Launch Pad\LaunchPad.exe[3252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                 [00392CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Launch Pad\LaunchPad.exe[3252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                     [00392CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                                [73D57817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                                 [73DAA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                                             [73D5BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                                       [73D4F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                                 [73D575E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                              [73D4E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]                                                  [73D88395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]                                                     [73D5DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                                             [73D4FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                              [73D4FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                               [73D471CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]                                                       [73DDCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]                                                          [73D7C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                                             [73D4D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                                       [73D46853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                                      [73D4687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                                         [73D52AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                            [027B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                                 [027B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                   [027B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\Explorer.EXE[3384] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                       [027B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                           [00732F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                [00732D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                  [00732CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                      [00732CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3704] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                       [01A42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3704] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                            [01A42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3704] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]              [01A42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3704] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                  [01A42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3856] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                   [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3856] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                        [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3856] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]          [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3856] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]              [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3888] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]           [002A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3888] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                [002A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3888] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]  [002A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3888] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]      [002A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\igfxsrvc.exe[3924] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                   [00922F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\igfxsrvc.exe[3924] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [00922D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\igfxsrvc.exe[3924] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [00922CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\igfxsrvc.exe[3924] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [00922CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam\Quickcam.exe[3964] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                    [003B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam\Quickcam.exe[3964] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                         [003B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam\Quickcam.exe[3964] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                           [003B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Logitech\QuickCam\Quickcam.exe[3964] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                               [003B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\hkcmd.exe[3996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                      [003D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\hkcmd.exe[3996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                           [003D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\hkcmd.exe[3996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                             [003D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\hkcmd.exe[3996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                 [003D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\igfxpers.exe[4076] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                   [00372F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\igfxpers.exe[4076] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [00372D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\igfxpers.exe[4076] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [00372CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\igfxpers.exe[4076] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [00372CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\QuickTime\QTTask.exe[4252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                              [000E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\QuickTime\QTTask.exe[4252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                   [000E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\QuickTime\QTTask.exe[4252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                     [000E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\QuickTime\QTTask.exe[4252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                         [000E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\pdf24\pdf24.exe[4276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                   [00D22F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\pdf24\pdf24.exe[4276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [00D22D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\pdf24\pdf24.exe[4276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [00D22CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\pdf24\pdf24.exe[4276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [00D22CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4296] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [003C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4296] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                           [003C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4296] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]             [003C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4296] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                 [003C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\iTunes\iTunesHelper.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                           [00902F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\iTunes\iTunesHelper.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                [00902D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\iTunes\iTunesHelper.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                  [00902CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\iTunes\iTunesHelper.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                      [00902CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Sidebar\sidebar.exe[4340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                       [000C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Sidebar\sidebar.exe[4340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                            [000C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Sidebar\sidebar.exe[4340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                              [000C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Sidebar\sidebar.exe[4340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                  [000C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\ehome\ehtray.exe[4352] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                        [00222F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\ehome\ehtray.exe[4352] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                             [00222D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\ehome\ehtray.exe[4352] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                               [00222CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\ehome\ehtray.exe[4352] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                   [00222CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4388] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                [002E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4388] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                     [002E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4388] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                       [002E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4388] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                           [002E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [021C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                           [021C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]             [021C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                 [021C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\NETAPI32.dll [PSAPI.DLL!GetModuleBaseNameW]                [759F159E] C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation)
IAT     C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe[4460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                   [00372F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe[4460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                        [00372D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe[4460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]          [00372CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe[4460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]              [00372CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\ApMsgFwd.exe[4680] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                             [00262F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\ApMsgFwd.exe[4680] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                  [00262D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\ApMsgFwd.exe[4680] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                    [00262CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\ApMsgFwd.exe[4680] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                        [00262CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.exe[4728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                              [011C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.exe[4728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                   [011C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.exe[4728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                     [011C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.exe[4728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                         [011C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\wbem\unsecapp.exe[5152] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                              [002B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\wbem\unsecapp.exe[5152] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                   [002B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\wbem\unsecapp.exe[5152] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                     [002B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\wbem\unsecapp.exe[5152] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                         [002B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.bin[5184] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                              [01CE2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.bin[5184] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                   [01CE2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.bin[5184] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                     [01CE2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\OpenOffice.org 3\program\soffice.bin[5184] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                         [01CE2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\Apntex.exe[5320] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                               [00372F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\Apntex.exe[5320] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                    [00372D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\Apntex.exe[5320] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                      [00372CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Apoint2K\Apntex.exe[5320] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                          [00372CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[5552] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [01C82F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[5552] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                           [01C82D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[5552] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]             [01C82CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[5552] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                 [01C82CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\mobsync.exe[5912] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                    [001F2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\mobsync.exe[5912] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                         [001F2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\mobsync.exe[5912] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                           [001F2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\System32\mobsync.exe[5912] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                               [001F2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Users\Familie Caliebe\Desktop\ujo94itv.exe[17476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                     [00352F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Users\Familie Caliebe\Desktop\ujo94itv.exe[17476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                          [00352D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Users\Familie Caliebe\Desktop\ujo94itv.exe[17476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                            [00352CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Users\Familie Caliebe\Desktop\ujo94itv.exe[17476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                [00352CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\conime.exe[18172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                    [00192F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\conime.exe[18172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                         [00192D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\conime.exe[18172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                           [00192CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT     C:\Windows\system32\conime.exe[18172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                               [00192CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

---- Registry - GMER 1.0.15 ----

Reg     HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001060d000f2 (not active ControlSet)                                                      
Reg     HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001060d1bf38 (not active ControlSet)                                                      
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d000f2                                                                          
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d1bf38                                                                          
Reg     HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001060d000f2 (not active ControlSet)                                                      
Reg     HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001060d1bf38 (not active ControlSet)                                                      
Reg     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat                                                              0xBB 0xB2 0x1B 0xE6 ...

---- EOF - GMER 1.0.15 ----
         
--- --- ---

[\code]

Alt 15.02.2012, 17:09   #27
piranya
 



Code:
ATTFilter
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.0.6002 Disk: Hitachi_ rev.PB4O -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll ndis.sys NETw5v32.sys rdbss.sys 
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
C:\Windows\system32\DRIVERS\NETw5v32.sys Intel Corporation Intel® Wireless WiFi Link Adapter
1 ntkrnlpa!IofCallDriver[0x8224B912] -> \Device\Harddisk0\DR0[0x86762968]
3 CLASSPNP[0x8A9AC8B3] -> ntkrnlpa!IofCallDriver[0x8224B912] -> \Device\Ide\IAAStorageDevice-1[0x856D8028]
kernel: MBR read successfully
user & kernel MBR OK
         

Alt 15.02.2012, 17:11   #28
piranya
 



I think I have done everything now. At the moment I am only using the computer for this.
Best regards
piranya

Alt 16.02.2012, 08:02   #29
kira
/// Helper Team
 



1.
The old Java versions remain on the PC... for security reasons they must be removed; keep an eye on this in future as well!
Uninstall:
Quote:
Java(TM) 6 Update 22
2.
If you did not install it deliberately or do not need it, you can uninstall it (under Software):
Code:
ATTFilter
Bing Bar 
-> Remove Bing Bar from Firefox and Internet Explorer
         
More and more programs bring a toolbar with them (e.g. Google, Yahoo, Messenger, Winamp, ICQ, etc.). Some are installed with the user's consent, others without the user's knowledge. Many of them are very error-prone and eat up a lot of system resources. A toolbar is not needed for the software in question to install and work properly, especially as most modern browsers come with many additional functions. Besides, the associated programs work without it as well...
- most toolbars and browser helpers just want to make themselves look important

3.
Clean your system with CCleaner:
  • "Cleaner" → "Analyze" → click the "Start CCleaner" button
  • "Registry" → "Search for errors" → "Fix errors" → "Fix all"
  • Restart your system

4.
Quote:
Attention, important!:
If you have made changes in the log file yourself, you must replace them with the original names and paste it into the script that way! Otherwise it will not work!
(user folder, your name or other changes replaced by X, asterisks or other names)
Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:
ATTFilter
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.15 08:01:46 | 000,000,113 | ---- | M] () - G:\Autorun.inf -- [ NTFS ]

:Commands
[purity]
[emptytemp]
         
  • and paste it here:
  • Close all programs.
  • Click the Fix button.
  • Click on .
  • OTL requires a restart. Please allow it.
  • After the restart you will find a text document.
    Copy its contents here into your thread.

5.
Run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry, please select Use SafeList.
  • Tick LOP check and Purity check.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

6.
  • Download SUPERAntiSpyware FREE Edition.
  • Install the program and update it online.
  • Start SUPERAntiSpyware and click "Scan your computer"
  • Tick "Complete Scan" and click "Next"
  • All malware found is then listed; tick all findings and confirm with "OK"
  • Click "Next", then "OK" and "Finish"
  • To display the results: click "Preferences", then "Statistics and Logs"
  • Click "View log" - then please save this report and post it here

7.
Viruses can also be transported on USB sticks, self-burned media, external hard drives and other storage media. They must therefore be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). A well-suited and recommended way to do this is to check the data stored on the storage medium with the free online scanner.
Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key so that the autorun function is not executed. (This is how you prevent the AUTORUN function from running) - The AUTORUN function can also be switched off entirely. ►Instructions

8.
-> Then run a complete system check with the Eset Online Scanner (NOD32) Free Online Scanner
Attention!: >>You should not install the antivirus security software, but only scan your system online<<

► Report again on the state of the computer. Are there still problems, and if so, which ones?
__________________

Warning!:
Be careful with invoices sent by email with a ZIP file attached! It may be infected with an encryption trojan!
Do not open the attachment; ask in our forum first!

Back up your data regularly, on CD/DVD, USB sticks or external hard drives, ideally twice in different locations!
Please pass this warning on wherever you can!
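
Step 7 and the O32 lines of the OTL fix in the post above both concern autorun from removable media. As an added example (not part of the original post, and not a tool used in this thread), the following Python sketch parses the contents of an autorun.inf file and lists the [autorun] entries that name a command (open, shellexecute, shell\<verb>\command). The function names, the extension list and both sample files are constructed for illustration.

```python
"""Inspect autorun.inf content and list the entries that name a command to run."""
import ntpath
import re

# Keys of the [autorun] section whose value is a command line.
EXEC_KEYS = {"open", "shellexecute"}
SHELL_COMMAND = re.compile(r"^shell\\[^\\]+\\command$")
# Extensions treated as directly runnable programs or scripts (assumed list).
PROGRAM_EXT = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js"}


def decode_inf(data):
    """Decode raw file bytes; honour a UTF-16 or UTF-8 BOM, else assume cp1252."""
    if data.startswith((b"\xff\xfe", b"\xfe\xff")):
        return data.decode("utf-16", errors="replace")
    if data.startswith(b"\xef\xbb\xbf"):
        return data.decode("utf-8-sig", errors="replace")
    return data.decode("cp1252", errors="replace")


def parse_sections(text):
    """Return {section: [(key, value), ...]}; section and key names lower-cased.

    Comment lines, blank lines and lines without '=' are skipped, so padding
    or junk between real entries does not hide them.
    """
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, [])
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            sections[current].append((key.strip().lower(), value.strip()))
    return sections


def command_target(value):
    """Return the program part of a command line, without its arguments."""
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        return value[1:end] if end != -1 else value[1:]
    return value.split(None, 1)[0] if value else ""


def triage(data):
    """Return [(key, target, is_program)] for every command entry in [autorun]."""
    findings = []
    for key, value in parse_sections(decode_inf(data)).get("autorun", []):
        if key in EXEC_KEYS or SHELL_COMMAND.match(key):
            target = command_target(value)
            ext = ntpath.splitext(target)[1].lower()
            findings.append((key, target, ext in PROGRAM_EXT))
    return findings


# Constructed sample: only cosmetic entries, nothing is launched.
SAMPLE_BENIGN = b"[autorun]\r\nicon=disc.ico\r\nlabel=Install Disc\r\n"

# Constructed sample: two command entries, mixed case, one junk line.
SAMPLE_LAUNCH = (
    b"; constructed sample, not taken from the thread\r\n"
    b"[AutoRun]\r\n"
    b"Open = setup.exe /s\r\n"
    b"icon=setup.exe,0\r\n"
    b"\x00\x01junk line without an equals sign\r\n"
    b"shell\\Open\\Command=\"tools\\run me.bat\" -q\r\n"
    b"label=Backup\r\n"
)

if __name__ == "__main__":
    for name, sample in (("benign", SAMPLE_BENIGN), ("launch", SAMPLE_LAUNCH)):
        print(name)
        for key, target, is_program in triage(sample):
            flag = "program/script" if is_program else "other file"
            print(f"  {key} -> {target} ({flag})")
```

An empty result means the file only sets cosmetic values such as icon or label; any listed entry is a file on the medium worth scanning before the medium is used with autorun enabled.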

Alt 16.02.2012, 11:14   #30
piranya
 



Re 4.:
Code:
ATTFilter
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File G:\Autorun.inf not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Familie Caliebe
->Temp folder emptied: 966300 bytes
->Temporary Internet Files folder emptied: 2450903 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9527686 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 12,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02162012_110423

Files\Folders moved on Reboot...
File\Folder C:\Users\Familie Caliebe\AppData\Local\Temp\~DF444A.tmp not found!
File\Folder C:\Users\Familie Caliebe\AppData\Local\Temp\~DF44DC.tmp not found!
File\Folder C:\Users\Familie Caliebe\AppData\Local\Temp\~DF464D.tmp not found!
File\Folder C:\Users\Familie Caliebe\AppData\Local\Temp\~DF465B.tmp not found!
C:\Users\Familie Caliebe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\461HYYIU\109012-programm-webseite-anzeigen-trojaner-3[1].htm moved successfully.

Registry entries deleted on Reboot...
         

    Log-Analyse und Auswertung - 30.04.2012 (1)

Zum Thema Programm kann Webseite nicht anzeigen...Trojaner - 1. Zitat: Achtung wichtig!: Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht! (Benutzerordner, dein Name oder - Programm kann Webseite nicht anzeigen...Trojaner...
Archiv
Du betrachtest: Programm kann Webseite nicht anzeigen...Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.