Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
foxtab pdf converte II

foxtab pdf converte II


Plagegeister aller Art und deren Bekämpfung: foxtab pdf converte II

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 23.02.2011, 15:14   #1
nuukies
 
foxtab pdf converte II - Standard

foxtab pdf converte II


Hallo,
ich habe dasselbe Problem wie der Forist in diesem Thread:
http://www.trojaner-board.de/95807-f...converter.html


- Programm runtergeladen (FoxTabPDFConverter)
- es läßt sich nicht aus der Systemsteuerung entfernen (= deinstallieren), Windows hat es selber aus der Liste gelöscht (nachdem die deinstallation von dort nicht erfolgreich war), der Ordner (FoxTabPDFConverter) ist allerdings noch da (samt gesamtem Inhalt). Wie also deinstalliere ich das Programm?
- Auch hier tauchte eine Toolbar "Babylon" auf, die ich deinstallieren konnte.

Was tun?
Ich habe die geforderten Log Files von dem Helfer aus dem oben genannten thread bereits erstellt, werde sie hier rein pasten, danke im voraus!

Gruß
Holger

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 23.02.2011 15:07:38 - Run 1
OTL by OldTimer - Version 3.2.21.0     Folder = C:\Users\Holger\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,54 Gb Total Space | 354,43 Gb Free Space | 78,15% Space Free | Partition Type: NTFS
Drive D: | 12,12 Gb Total Space | 1,70 Gb Free Space | 14,05% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.02.23 15:06:16 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\Holger\Downloads\OTL.exe
PRC - [2011.02.10 04:14:59 | 000,994,872 | ---- | M] (Google Inc.) -- C:\Users\Holger\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2011.02.08 13:55:04 | 000,939,848 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011.02.08 13:54:57 | 001,405,384 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2010.12.09 14:06:23 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.04 10:53:35 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.08.25 03:11:16 | 000,656,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
PRC - [2008.11.21 15:22:32 | 006,657,896 | ---- | M] (Ritlabs S.R.L.) -- C:\Program Files (x86)\The Bat!\thebat.exe
PRC - [2008.11.20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.02.23 15:06:16 | 000,577,024 | ---- | M] (OldTimer Tools) -- C:\Users\Holger\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.06.29 18:49:27 | 000,128,752 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV - [2011.02.08 13:54:57 | 001,405,384 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010.12.09 14:06:23 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.04 10:53:35 | 000,135,336 | ---- | M] (Avira GmbH) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.29 22:18:20 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.22 12:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2010.12.03 02:04:35 | 000,049,752 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE)
DRV:64bit: - [2010.11.22 22:40:29 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.09.28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.09.23 08:46:09 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2010.09.13 13:24:01 | 001,101,600 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2010.03.02 12:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.01.28 15:25:02 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.11.10 12:53:40 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009.11.10 12:53:16 | 000,058,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009.11.10 12:53:00 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.30 18:12:56 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011.02.04 15:27:14 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2010.02.17 19:23:05 | 000,014,920 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2010.02.17 19:23:05 | 000,012,360 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b054b5b900000000000000259cf4e0b1&tlver=1.4.19.19&affID=17162
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=b054b5b900000000000000259cf4e0b1&tlver=1.4.19.19&affID=17162
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {c44f9e21-d93f-490c-b41c-b3548bdd19fc} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
[2010.12.18 17:46:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.05.20 01:28:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.02.23 14:26:15 | 000,002,423 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C44F9E21-D93F-490C-B41C-B3548BDD19FC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Easybits Recovery]  File not found
O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [thebat_startup] C:\Program Files (x86)\The Bat!\thebat.exe (Ritlabs S.R.L.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.250.99 193.189.244.205
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.23 15:04:12 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Roaming\SUPERAntiSpyware.com
[2011.02.23 15:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.02.23 15:04:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AppLogs
[2011.02.23 15:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\!SASCORE
[2011.02.23 15:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.02.23 15:04:01 | 000,000,000 | ---D | C] -- C:\Programme\SUPERAntiSpyware
[2011.02.23 14:25:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FoxTabPDFConverter
[2011.02.23 13:26:37 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.02.23 13:26:37 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.02.23 13:26:37 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.02.23 13:26:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.02.18 15:53:47 | 000,000,000 | ---D | C] -- C:\Users\Holger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011.02.10 14:41:44 | 000,086,016 | ---- | C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2011.02.10 14:41:42 | 000,084,992 | ---- | C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2011.02.09 16:16:19 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.02.09 16:16:18 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.02.09 16:16:17 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.02.09 16:16:17 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.02.09 16:16:17 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.02.09 16:16:17 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.02.09 16:16:17 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.02.09 16:16:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.02.09 16:16:17 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.02.09 16:16:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.02.09 16:16:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.02.09 16:16:17 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.02.09 16:16:07 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.09 16:16:07 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.09 16:16:06 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.09 16:16:06 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.09 16:16:05 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.09 16:16:05 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.09 16:16:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.09 16:16:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.09 16:16:04 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.09 16:16:02 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.09 16:16:02 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.09 16:16:00 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.02.09 16:16:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.02.09 16:16:00 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.02.09 16:15:56 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.09 16:15:55 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.09 16:15:55 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.09 16:15:55 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.09 16:15:53 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.09 16:15:53 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.09 16:15:53 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.09 16:15:53 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.02.03 02:50:57 | 000,000,000 | ---D | C] -- C:\Users\Holger\Documents\Founds
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.23 15:04:02 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.02.23 15:03:42 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2011.02.23 15:03:42 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2011.02.23 15:03:42 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2011.02.23 15:03:42 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2011.02.23 14:57:15 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.23 14:57:15 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.23 14:52:39 | 000,863,187 | ---- | M] () -- C:\Users\Holger\Desktop\Praktikum hollibolli.pdf
[2011.02.23 14:49:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.23 14:49:38 | 3220,676,608 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.23 14:47:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1141555928-2508303228-2713433640-1001UA.job
[2011.02.23 14:30:04 | 000,087,203 | ---- | M] () -- C:\Users\Holger\Desktop\Anschreiben und Lebenslauf.pdf
[2011.02.22 22:47:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1141555928-2508303228-2713433640-1001Core.job
[2011.02.21 18:00:46 | 000,845,751 | ---- | M] () -- C:\Users\Holger\Desktop\Einleitung Praktikum.pdf
[2011.02.21 17:57:35 | 000,014,220 | ---- | M] () -- C:\Users\Holger\Desktop\Merkblatt_Befristete_Besch._04_2009.pdf
[2011.02.21 17:57:29 | 000,638,580 | ---- | M] () -- C:\Users\Holger\Desktop\Personalbogen_mit_Besoldungsfragebogen_07_2008.pdf
[2011.02.20 22:08:14 | 010,655,744 | ---- | M] () -- C:\Users\Holger\Desktop\Einleitung Praktikum.doc
[2011.02.20 12:45:55 | 000,013,640 | ---- | M] () -- C:\Users\Holger\Desktop\Großes Zimmer in 3er WG.odt
[2011.02.18 15:53:47 | 000,000,684 | ---- | M] () -- C:\Users\Holger\Desktop\Fraps.lnk
[2011.02.14 17:04:37 | 000,145,463 | ---- | M] () -- C:\Users\Holger\Desktop\CV.pdf
[2011.02.14 17:04:27 | 000,078,138 | ---- | M] () -- C:\Users\Holger\Desktop\Anschreiben.pdf
[2011.02.13 22:18:27 | 000,565,305 | ---- | M] () -- C:\Users\Holger\Desktop\Einladung zur Doktorfeier.pdf
[2011.02.10 14:41:44 | 000,086,016 | ---- | M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2011.02.10 14:41:42 | 000,084,992 | ---- | M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2011.02.10 11:05:05 | 000,361,544 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.02 19:58:19 | 000,084,529 | ---- | M] () -- C:\Users\Holger\Desktop\Ausschreibung für Career Center.pdf
[2011.01.30 19:00:44 | 000,128,000 | ---- | M] () -- C:\Users\Holger\Documents\Haushalt.xls
[2011.01.26 07:53:10 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.01.26 07:31:20 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
 
========== Files Created - No Company Name ==========
 
[2011.02.23 15:04:02 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.02.23 14:52:39 | 000,863,187 | ---- | C] () -- C:\Users\Holger\Desktop\Praktikum hollibolli.pdf
[2011.02.23 14:37:36 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2011.02.23 14:37:36 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2011.02.23 14:37:36 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2011.02.23 14:37:36 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2011.02.23 14:30:04 | 000,087,203 | ---- | C] () -- C:\Users\Holger\Desktop\Anschreiben und Lebenslauf.pdf
[2011.02.21 17:57:35 | 000,014,220 | ---- | C] () -- C:\Users\Holger\Desktop\Merkblatt_Befristete_Besch._04_2009.pdf
[2011.02.21 17:57:29 | 000,638,580 | ---- | C] () -- C:\Users\Holger\Desktop\Personalbogen_mit_Besoldungsfragebogen_07_2008.pdf
[2011.02.20 20:29:10 | 010,655,744 | ---- | C] () -- C:\Users\Holger\Desktop\Einleitung Praktikum.doc
[2011.02.18 15:53:47 | 000,000,684 | ---- | C] () -- C:\Users\Holger\Desktop\Fraps.lnk
[2011.02.14 17:04:37 | 000,145,463 | ---- | C] () -- C:\Users\Holger\Desktop\CV.pdf
[2011.02.14 17:04:27 | 000,078,138 | ---- | C] () -- C:\Users\Holger\Desktop\Anschreiben.pdf
[2011.02.13 22:18:27 | 000,565,305 | ---- | C] () -- C:\Users\Holger\Desktop\Einladung zur Doktorfeier.pdf
[2011.02.08 14:19:55 | 000,013,640 | ---- | C] () -- C:\Users\Holger\Desktop\Großes Zimmer in 3er WG.odt
[2011.02.06 23:13:03 | 000,845,751 | ---- | C] () -- C:\Users\Holger\Desktop\Einleitung Praktikum.pdf
[2011.02.02 19:58:19 | 000,084,529 | ---- | C] () -- C:\Users\Holger\Desktop\Ausschreibung für Career Center.pdf
[2010.12.03 02:13:44 | 000,002,110 | ---- | C] () -- C:\Users\Holger\AppData\Roaming\ex_log.txt
[2010.11.29 00:21:24 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2010.06.16 15:22:23 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\NCMedia2.dll
[2010.06.16 15:22:23 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.06.16 15:22:23 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.05.03 21:14:17 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.04.25 21:49:38 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.04.25 21:49:38 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.04.22 19:31:32 | 000,003,348 | ---- | C] () -- C:\Users\Holger\AppData\Roaming\wklnhst.dat
[2009.09.29 15:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009.08.03 00:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.08.03 00:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.08.03 00:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== LOP Check ==========
 
[2010.12.23 01:00:22 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Amazon
[2011.01.19 16:20:32 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\AnvSoft
[2011.02.18 15:29:25 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\IrfanView
[2010.05.17 23:15:37 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\JabRef 2.6
[2010.04.23 01:13:46 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Leadertech
[2010.05.04 21:08:11 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Miranda
[2011.02.23 14:47:32 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\NCH Swift Sound
[2010.04.24 12:15:18 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Octoshape
[2011.01.13 02:09:20 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\OpenOffice.org
[2011.01.14 19:47:15 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\TeamViewer
[2010.04.22 19:31:34 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\Template
[2011.02.23 15:03:35 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\The Bat!
[2010.09.22 16:21:35 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\WinBatch
[2011.02.14 17:04:08 | 000,000,000 | ---D | M] -- C:\Users\Holger\AppData\Roaming\WinEdt
[2011.02.23 15:03:42 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 1).job
[2011.02.23 15:03:42 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 2).job
[2011.02.23 15:03:42 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 3).job
[2011.02.23 15:03:42 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 4).job
[2010.11.29 18:57:19 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 23.02.2011 15:07:38 - Run 1
OTL by OldTimer - Version 3.2.21.0     Folder = C:\Users\Holger\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 64,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,54 Gb Total Space | 354,43 Gb Free Space | 78,15% Space Free | Partition Type: NTFS
Drive D: | 12,12 Gb Total Space | 1,70 Gb Free Space | 14,05% Space Free | Partition Type: NTFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Holger\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU 
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C682623-8F66-46A8-B9B3-93FE1E66A001}" = iTunes
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55E76113-3899-4A63-A308-71A9BD3491EE}" = MobileMe Control Panel
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU 
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"SP6" = Logitech SetPoint 6.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 23
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}" = Brother MFL-Pro Suite DCP-130C
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}" = HP Support Assistant
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{CA796D95-C706-4BB9-BDDE-FF228D13D28A}" = Livestream Procaster
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DD73C158-06C4-453A-868C-652C41F11A6D}" = TheBat! Home v4.0.38
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Ad-Aware" = Ad-Aware
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Any Video Converter_is1" = Any Video Converter 3.1.7
"AutoHotkey" = AutoHotkey 1.0.48.05
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"EADM" = EA Download Manager
"Fraps" = Fraps (remove only)
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"HP Remote Solution" = HP Remote Solution
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"MiKTeX 2.9" = MiKTeX 2.9
"Miranda IM" = Miranda IM 0.8.27
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PDF Creator" = PDF Creator (Remove Only)
"Picasa 3" = Picasa 3
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"VideoPad" = VideoPad Video Editor
"Vsk5Online_is1" = Vsk5Online
"Warcraft III" = Warcraft III
"WinEdt_is1" = WinEdt
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Octoshape Streaming Services" = Octoshape Streaming Services
"sc11-CH_TSR" = Ski Challenge 11 (TSR)
"Warcraft III" = Warcraft III: All Products
"WTRC 2011 Course Pack" = WTRC 2011 Course Pack
"WTRC2011CoursePack for VSK5 Online" = WTRC2011CoursePack for VSK5 Online
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---
Geändert von nuukies (23.02.2011 um 15:50 Uhr)

 

Themen zu foxtab pdf converte II
0x00000001, ad-aware, antivir, any video converter, autorun, avgntflt.sys, avira, babylon, bho, bonjour, c:\windows\system32\rundll32.exe, desktop, entfernen, error, firefox, flash player, google, google chrome, home, home premium, ieframe.dll, install.exe, location, log files, logfile, mozilla, oldtimer, pdf creator, picasa, plug-in, problem, programdata, programm, realtek, registry, rundll, saver, scan, sched.exe, searchplugins, security, shell32.dll, shortcut, software, start menu, syswow64, teamspeak, video converter, webcheck, windows


« Facemoods-Search im Internetexplorer nicht entfehrnbar | System Tool 2011 infection. Abgesicherter Modus startet nicht »


Ähnliche Themen: foxtab pdf converte II


  1. FoxTab entfernen
    Anleitungen, FAQs & Links - 21.10.2013 (2)
  2. Beseitigung von Foxtab PDF converter erfolgreich?
    Plagegeister aller Art und deren Bekämpfung - 05.03.2012 (3)
  3. Foxtab Pdf Converter; Trojan.Agent/Gen-FakeAlert[Local]
    Log-Analyse und Auswertung - 09.11.2011 (16)
  4. foxtab pdf converter
    Plagegeister aller Art und deren Bekämpfung - 28.02.2011 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema foxtab pdf converte II - Hallo, ich habe dasselbe Problem wie der Forist in diesem Thread: http://www.trojaner-board.de/95807-f...converter.html - Programm runtergeladen (FoxTabPDFConverter) - es läßt sich nicht aus der Systemsteuerung entfernen (= deinstallieren), Windows hat es - foxtab pdf converte II...
Archiv
Du betrachtest: foxtab pdf converte II auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19