Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Programm kann Webseite nicht anzeigen...Trojaner (https://www.trojaner-board.de/109012-programm-webseite-anzeigen-trojaner.html)

piranya 03.02.2012 20:28
Programm kann Webseite nicht anzeigen...Trojaner
 
Hallo Leute,

erste einmal ein großes Lob für eure Arbeit!

Mein Problem ist ähnlich, wie das der anderen. Allerdings verstehe ich nicht so ganz wie ich genau vorgehen soll, weil:

Ich habe Vista auf meinem Rechner. Neustart im Abgesicherten Modus ergibt gleiches weisses Fenster mit der Fehlermeldung (egal ob mit oder ohne netzwerk....). Einzig Computer Reparieren kann ich starten.

Ich habe nur ein Netbook, was funktioniert, und keinen CD Brenner, um eine CD zu brennen. Ich besitze die Recovery CDs 1-3 von meiner Vista Version. (OEM - vorinstalliert).

Vielen Dank schonmal für eure Hilfe :-)

piranya

kira 04.02.2012 08:09
Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:
  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)
mit USB kannst auch versuchen:-> Erstellen einen bootbaren USB Stick für OTLPE

dann das Log hier posten

Zitat:
Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira

piranya 04.02.2012 20:25
Hey,

danke für deinen Rat. Mein Problem ist nun, dass mit Petousb mein usb stick nicht erkennt wird und ich damit schauen muss, ob ich nicht eine andere software finde, die den usb stick erkennt. Anscheinend ist das ein häufigeres Problem.

Sobald ich eine Lösung gefunden habe, werde ich hoffentlich hier die Logfiles hochladen können. Ansonsten muss ich versuchen jemanden zu finden, der mir die CD brennen kann......grrrr ist das nervenaufreibend ...

Ich melde mich dann wieder.

piranya

piranya 05.02.2012 08:33
Hi,

ich komme leider nicht weiter.
Habe festgestellt, dass ich die desinfec't11 cd habe. Hilft die vielleicht um die Logdateien zu bekommen?

Ansonsten kann ich erst am Montag im Geschäft jemanden fragen mir die CD zu brennen.

LG
piranya

kira 05.02.2012 09:40
auf den betroffenen PC hast Du CD/DVD Laufwerk?

piranya 05.02.2012 15:22
Hallo,

ja sorry, ich habe unklar kommuniziert:

betroffener Rechner:
Vista mit DVD/CD laufwerk

zweiter Rechner: Notepad ohne CD Laufwerk, Win 7

piranya

kira 06.02.2012 16:28
ok, dann sollte gehen:

Unbootbares System mit OTLPE Network scannen
  • Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop.
    Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
  • Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
  • Lege eine leere CD in Deinen Brenner.
  • ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
  • Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
  • Du kannst nun die Fenster des Brennprogramms schließen.
  • Starte das unbootbare System neu und boote von der CD, die Du gerade erstellt hast.
    Anmerkung: Wenn Du nicht weißt, wie Du Deinen Computer dazu bringst, von CD zu booten, dann folge diesen Schritten hier.
  • Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
  • Mache einen Doppelklick auf das OTLPE Icon.
  • Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
  • Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
  • Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
  • OTLpe sollte nun starten.

    http://image.hijackthis.de/upload/hjt1-034.jpg
  • Drücke Run Scan, um den Scan zu starten.
  • Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt gesichert und mit Notepad++ geöffnet.
  • Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
  • Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt in diesen Thread.
Falls Du kein Brennprogramm hast:

ISOBurner
Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen.
Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.

piranya 08.02.2012 08:02
Hallo,

also irgendwie muss ich was falsch gemacht haben. Ich kann zwar von der CD booten, aber wenn ich dann den doppelklick auf OTLPE mache geht ein Fenster auf: Browse for Folder
darin stehen alle Laufwerke, oben My Computer. Wenn ich das oberste, also My Computer auswähle sagt er mir in einem Fenster: in Header steht: Run Scanner.... und im Fenster selbst ein rotes X und No windows installation found.,.....

Wenn ich versuche ein Unterordner auszuwählen bemängelt er:Runscanner Error: Target ist not windows 2000 or later

watt nu?

Neu brennen?

Danke piranya

piranya 08.02.2012 09:19
Hab mal geschaut was im Bios steht:

Sata Mode ist RAID (zur Auswahl steht noch AHCI)

An was kann es liegen, dass OTLPE nicht geht....

soll ich etwas anderes runterladen, denn ich kann in dem Reatogo-x-pe sonst alles ansehen und auch ins Internet...

LG & Danke
piranya

piranya 08.02.2012 10:05
Alos ich hab herausgefunden dass ich manuell das windows Veryeichnis auswaehlen musste.

anbei die beiden txt Dateien

Hier Otl.txt

OTL Logfile:
Code:
OTL logfile created on: 2/8/2012 9:52:21 AM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92.21 Gb Total Space | 9.56 Gb Free Space | 10.37% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 441.39 Gb Free Space | 94.77% Space Free | Partition Type: NTFS
Drive G: | 364.76 Gb Total Space | 327.71 Gb Free Space | 89.84% Space Free | Partition Type: NTFS
Drive H: | 1.85 Gb Total Space | 1.85 Gb Free Space | 100.00% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/10/21 09:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 11:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/11 07:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 07:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/07/08 15:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/09/29 03:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/04/05 14:55:01 | 000,116,104 | ---- | M] () [Auto] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/11/13 06:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/08/21 09:24:02 | 000,070,336 | ---- | M] () [On_Demand] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2008/06/01 13:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/06/01 13:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/06/01 13:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/04/25 07:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008/04/20 11:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/28 09:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/24 05:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/01/24 05:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2011/12/10 09:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/12/10 04:44:02 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/11 08:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/11 08:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 08:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/09 08:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/17 11:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/01 13:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC)
DRV - [2008/06/01 13:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/06/01 13:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2008/06/01 13:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008/05/27 06:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008/05/01 01:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/04/15 10:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008/04/03 07:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008/03/25 09:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/03/25 06:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/19 04:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/01/23 04:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/22 13:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007/11/29 02:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/10/18 07:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 04:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/07/27 05:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007/07/27 03:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007/01/04 13:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2005/01/06 22:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01  [binary data]
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\..\URLSearchHook: {b106b661-3e1b-4015-af5c-195e909f35c6} - Reg Error: Key error. File not found
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/19 06:42:59 | 000,000,000 | ---D | M]
 
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/01/09 05:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
 
O1 HOSTS File: ([2011/07/14 21:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\Familie_Caliebe_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\Familie_Caliebe_ON_C\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] C:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [InetAccelerator] C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [InetAccelerator.] C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NPCTray]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [fsc-reg]  File not found
O4 - HKU\Familie_Caliebe_ON_C..\Run: [InetAccelerator] C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKU\Familie_Caliebe_ON_C..\Run: [loxoy.exe]  File not found
O4 - HKU\Familie_Caliebe_ON_C..\Run: [olmwKSKlNdgCU6b]  File not found
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\InetAccelerator\InetAccelerator.exe) - C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\InetAccelerator.exe) - C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe) - C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\Explorer.exe) -  File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{71448ffb-75f5-11df-8139-00140b6445f7}\Shell\AutoRun\command - "" = G:\setupSNK.exe
O33 - MountPoints2\{ae1d731d-69d7-11de-8967-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ae1d731d-69d7-11de-8967-806e6f6e6963}\Shell\AutoRun\command - "" = F:\mar.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/08 09:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/03 13:37:26 | 000,335,872 | ---- | C] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2012/02/03 12:40:39 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator
[2012/02/03 12:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012/02/03 09:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24
[2012/02/01 11:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 11:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/01 11:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/31 03:51:01 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2012/01/11 14:35:28 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/11 14:35:25 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 14:35:24 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/11 14:35:22 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2012/01/11 14:35:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 14:35:21 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/07 01:44:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/04 04:19:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/04 02:57:34 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/04 02:57:34 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/03 17:19:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/03 15:00:16 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/03 15:00:16 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/03 14:10:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/03 13:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2012/02/03 12:40:38 | 000,335,872 | ---- | M] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2012/02/03 07:52:48 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
[2012/02/01 11:57:29 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/02/01 11:57:29 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/01 11:57:29 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/02/01 11:57:29 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/01 11:41:49 | 000,001,670 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/02/01 11:41:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 04:31:07 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk
[2012/02/01 04:31:07 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/01/26 18:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/01/10 04:24:22 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2012/02/01 11:41:49 | 000,001,670 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/11/24 10:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini
[2011/11/22 02:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2011/11/22 02:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2011/11/22 02:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2011/11/22 02:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2011/11/22 02:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2011/11/22 02:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2011/10/13 20:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/05/16 09:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
[2011/04/28 13:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/16 12:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/16 12:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/11/21 15:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png
[2010/05/08 12:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009/09/23 18:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/08/31 13:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2009/08/05 03:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/07/19 08:56:48 | 000,049,152 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/14 07:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/07/14 07:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat
[2009/05/29 10:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/29 10:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/08/13 09:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/08/13 09:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/08/13 08:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/08/13 08:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/08/13 08:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/08/13 08:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/06/01 13:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/04/25 07:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008/04/09 04:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/09 04:14:36 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/09 04:14:36 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/09 04:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/12/21 09:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/09/04 06:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/02/05 14:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/04/21 03:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2005/07/22 14:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001/10/10 01:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll
[2001/10/10 01:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll
[2001/03/07 01:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll
 
========== LOP Check ==========
 
[2011/12/14 21:27:04 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Aqefwi
[2011/04/15 09:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon
[2010/11/21 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer
[2012/02/03 11:08:38 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox
[2010/12/09 11:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter
[2009/09/20 10:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0
[2009/10/19 14:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe
[2012/02/03 12:40:39 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator
[2009/09/18 09:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView
[2011/12/14 04:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes
[2011/11/15 02:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks
[2009/08/04 04:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware
[2011/12/10 09:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer
[2011/04/27 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia
[2010/06/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape
[2011/01/27 04:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org
[2010/11/19 07:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite
[2009/09/20 17:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet
[2011/11/25 12:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg
[2011/05/12 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion
[2011/07/14 14:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer
[2009/07/14 07:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template
[2010/11/21 18:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom
[2009/11/09 13:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/01/08 14:59:53 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2009/08/04 04:04:09 | 000,000,000 | ---D | M] -- C:\ProgramData\BTrieve
[2011/03/09 06:18:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2011/03/09 06:37:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonEPP
[2011/04/15 09:26:52 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJ
[2011/05/20 07:14:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX
[2011/03/09 06:37:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX2
[2011/03/09 06:23:09 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJMSetup
[2011/03/09 06:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJMyPrinter
[2012/02/02 06:37:18 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2011/04/15 09:27:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJScan
[2011/03/09 06:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJSolutionMenuEX
[2011/03/09 06:21:01 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJWSpt
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/01/09 05:56:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Haufe
[2009/07/05 15:39:43 | 000,000,000 | ---D | M] -- C:\ProgramData\HDBR31
[2012/02/03 12:40:39 | 000,000,000 | ---D | M] -- C:\ProgramData\InetAccelerator
[2010/11/19 09:58:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2011/09/29 14:10:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexware
[2011/12/14 04:49:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Mobile Master
[2010/11/19 09:59:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Nokia
[2010/11/19 07:30:46 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaInstallerCache
[2010/11/19 07:42:06 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaMusic
[2010/11/19 07:39:33 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2009/09/20 17:33:55 | 000,000,000 | ---D | M] -- C:\ProgramData\PixelPlanet
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/11/30 15:56:33 | 000,000,000 | ---D | M] -- C:\ProgramData\TomTom
[2009/11/09 13:10:07 | 000,000,000 | ---D | M] -- C:\ProgramData\VistaCodecs
[2010/11/07 04:46:32 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2009/07/05 14:34:29 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/09/21 14:13:41 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/03 14:10:32 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/03 07:52:48 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---


und hier die extras
OTL Logfile:
Code:
OTL Extras logfile created on: 2/8/2012 9:52:21 AM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92.21 Gb Total Space | 9.56 Gb Free Space | 10.37% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 441.39 Gb Free Space | 94.77% Space Free | Partition Type: NTFS
Drive G: | 364.76 Gb Total Space | 327.71 Gb Free Space | 89.84% Space Free | Partition Type: NTFS
Drive H: | 1.85 Gb Total Space | 1.85 Gb Free Space | 100.00% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\TUTTILI_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
 
< End of report >
--- --- ---

[/code]

piranya 08.02.2012 10:13
oops doppelpost

kira 08.02.2012 10:48
1.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
:OTL
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKU\Familie_Caliebe_ON_C\..\URLSearchHook: {b106b661-3e1b-4015-af5c-195e909f35c6} - Reg Error: Key error. File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\Familie_Caliebe_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [fsc-reg]  File not found
O4 - HKU\Familie_Caliebe_ON_C..\Run: [loxoy.exe]  File not found
O4 - HKU\Familie_Caliebe_ON_C..\Run: [olmwKSKlNdgCU6b]  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{71448ffb-75f5-11df-8139-00140b6445f7}\Shell\AutoRun\command - "" = G:\setupSNK.exe
O33 - MountPoints2\{ae1d731d-69d7-11de-8967-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ae1d731d-69d7-11de-8967-806e6f6e6963}\Shell\AutoRun\command - "" = F:\mar.exe
[2012/02/04 04:19:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/03 17:19:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

:Commands
[purity]
[emptytemp]

2.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
was geht und was nicht...kannst wieder normal starten? oder im abgesicherten Modus..

piranya 08.02.2012 10:53
mache ich den fix in diesem reatogo oder muss ich nen neustart machen dafuer

piranya 08.02.2012 11:33
nach dem Neustart gibt OTL folgende datei raus
Code:
========== OTL ==========
HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
Registry value HKEY_USERS\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\URLSearchHooks\\{b106b661-3e1b-4015-af5c-195e909f35c6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b106b661-3e1b-4015-af5c-195e909f35c6}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
C:\Program Files\Microsoft\BingBar\BingExt.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
File C:\Program Files\Microsoft\BingBar\BingExt.dll not found.
Registry value HKEY_USERS\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\fsc-reg deleted successfully.
Registry value HKEY_USERS\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\loxoy.exe deleted successfully.
Registry value HKEY_USERS\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\olmwKSKlNdgCU6b deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71448ffb-75f5-11df-8139-00140b6445f7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71448ffb-75f5-11df-8139-00140b6445f7}\ not found.
File G:\setupSNK.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae1d731d-69d7-11de-8967-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae1d731d-69d7-11de-8967-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ae1d731d-69d7-11de-8967-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae1d731d-69d7-11de-8967-806e6f6e6963}\ not found.
File F:\mar.exe not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Familie Caliebe
->Temp folder emptied: 5207456717 bytes
->Temporary Internet Files folder emptied: 2552272323 bytes
->Java cache emptied: 10552302 bytes
->Flash cache emptied: 12703 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 113552944 bytes
 
Total Files Cleaned = 7,519.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 02082012_105816

Files\Folders moved on Reboot...
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.

Registry entries deleted on Reboot...
OTL Logfile:
Code:
OTL logfile created on: 2/8/2012 11:26:55 AM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92.21 Gb Total Space | 16.92 Gb Free Space | 18.35% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 441.39 Gb Free Space | 94.77% Space Free | Partition Type: NTFS
Drive E: | 1.85 Gb Total Space | 1.85 Gb Free Space | 100.00% Space Free | Partition Type: FAT
Drive H: | 364.76 Gb Total Space | 327.71 Gb Free Space | 89.84% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/10/21 09:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 11:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/11 07:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 07:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/07/08 15:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/09/29 03:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/04/05 14:55:01 | 000,116,104 | ---- | M] () [Auto] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/11/13 06:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/08/21 09:24:02 | 000,070,336 | ---- | M] () [On_Demand] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2008/06/01 13:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/06/01 13:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/06/01 13:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/04/25 07:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008/04/20 11:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/28 09:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/24 05:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/01/24 05:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2011/12/10 09:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/12/10 04:44:02 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/11 08:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/11 08:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 08:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/09 08:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/17 11:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/01 13:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC)
DRV - [2008/06/01 13:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/06/01 13:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2008/06/01 13:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008/05/27 06:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008/05/01 01:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/04/15 10:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008/04/03 07:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008/03/25 09:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/03/25 06:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/19 04:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/01/23 04:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/22 13:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007/11/29 02:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/10/18 07:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 04:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/07/27 05:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007/07/27 03:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007/01/04 13:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2005/01/06 22:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01  [binary data]
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: 
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/19 06:42:59 | 000,000,000 | ---D | M]
 
[2012/02/08 11:21:21 | 000,000,000 | ---D | M] (No name found) -- B:\Documents and Settings\Default User\Application Data\Mozilla\Extensions
 
O1 HOSTS File: ([2011/07/14 21:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\Familie_Caliebe_ON_C\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] C:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [InetAccelerator] C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [InetAccelerator.] C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NPCTray]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\Familie_Caliebe_ON_C..\Run: [InetAccelerator] C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\InetAccelerator\InetAccelerator.exe) - C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\InetAccelerator.exe) - C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe) - C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\Explorer.exe) -  File not found
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/08 10:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012/02/08 10:58:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/08 09:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/03 13:37:26 | 000,335,872 | ---- | C] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2012/02/03 12:40:39 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator
[2012/02/03 12:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012/02/03 09:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24
[2012/02/01 11:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 11:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/01 11:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/31 03:51:01 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2012/01/11 14:35:28 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/11 14:35:25 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 14:35:24 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/11 14:35:22 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2012/01/11 14:35:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 14:35:21 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/07 01:44:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/04 02:57:34 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/04 02:57:34 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/03 15:00:16 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/03 15:00:16 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/03 14:10:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/03 13:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2012/02/03 12:40:38 | 000,335,872 | ---- | M] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2012/02/03 07:52:48 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
[2012/02/01 11:57:29 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/02/01 11:57:29 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/01 11:57:29 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/02/01 11:57:29 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/01 11:41:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 04:31:07 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk
[2012/02/01 04:31:07 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/01/26 18:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/01/10 04:24:22 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2011/11/24 10:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini
[2011/11/22 02:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2011/11/22 02:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2011/11/22 02:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2011/11/22 02:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2011/11/22 02:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2011/11/22 02:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2011/10/13 20:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/05/16 09:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
[2011/04/28 13:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/16 12:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/16 12:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/11/21 15:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png
[2010/05/08 12:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009/09/23 18:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/08/31 13:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2009/08/05 03:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/07/19 08:56:48 | 000,049,152 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/14 07:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/07/14 07:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat
[2009/05/29 10:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/29 10:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/08/13 09:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/08/13 09:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/08/13 08:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/08/13 08:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/08/13 08:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/08/13 08:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/06/01 13:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/04/25 07:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008/04/09 04:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/09 04:14:36 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/09 04:14:36 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/09 04:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007/12/21 09:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/09/04 06:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/02/05 14:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/04/21 03:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2005/07/22 14:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001/10/10 01:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll
[2001/10/10 01:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll
[2001/03/07 01:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll
 
========== LOP Check ==========
 
[2011/12/14 21:27:04 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Aqefwi
[2011/04/15 09:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon
[2010/11/21 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer
[2012/02/03 11:08:38 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox
[2010/12/09 11:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter
[2009/09/20 10:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0
[2009/10/19 14:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe
[2012/02/03 12:40:39 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator
[2009/09/18 09:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView
[2011/12/14 04:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes
[2011/11/15 02:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks
[2009/08/04 04:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware
[2011/12/10 09:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer
[2011/04/27 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia
[2010/06/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape
[2011/01/27 04:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org
[2010/11/19 07:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite
[2009/09/20 17:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet
[2011/11/25 12:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg
[2011/05/12 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion
[2011/07/14 14:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer
[2009/07/14 07:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template
[2010/11/21 18:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom
[2009/11/09 13:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/01/08 14:59:53 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2009/08/04 04:04:09 | 000,000,000 | ---D | M] -- C:\ProgramData\BTrieve
[2011/03/09 06:18:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2011/03/09 06:37:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonEPP
[2011/04/15 09:26:52 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJ
[2011/05/20 07:14:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX
[2011/03/09 06:37:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX2
[2011/03/09 06:23:09 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJMSetup
[2011/03/09 06:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJMyPrinter
[2012/02/02 06:37:18 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2011/04/15 09:27:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJScan
[2011/03/09 06:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJSolutionMenuEX
[2011/03/09 06:21:01 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJWSpt
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/01/09 05:56:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Haufe
[2009/07/05 15:39:43 | 000,000,000 | ---D | M] -- C:\ProgramData\HDBR31
[2012/02/03 12:40:39 | 000,000,000 | ---D | M] -- C:\ProgramData\InetAccelerator
[2010/11/19 09:58:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2011/09/29 14:10:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexware
[2011/12/14 04:49:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Mobile Master
[2010/11/19 09:59:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Nokia
[2010/11/19 07:30:46 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaInstallerCache
[2010/11/19 07:42:06 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaMusic
[2010/11/19 07:39:33 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2009/09/20 17:33:55 | 000,000,000 | ---D | M] -- C:\ProgramData\PixelPlanet
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/11/30 15:56:33 | 000,000,000 | ---D | M] -- C:\ProgramData\TomTom
[2009/11/09 13:10:07 | 000,000,000 | ---D | M] -- C:\ProgramData\VistaCodecs
[2010/11/07 04:46:32 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2009/07/05 14:34:29 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/09/21 14:13:41 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/03 14:10:32 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/03 07:52:48 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
 
========== Purity Check ==========
 
 
< End of report >
--- --- ---

OTL Logfile:
Code:
OTL Extras logfile created on: 2/8/2012 11:26:55 AM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92.21 Gb Total Space | 16.92 Gb Free Space | 18.35% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 441.39 Gb Free Space | 94.77% Space Free | Partition Type: NTFS
Drive E: | 1.85 Gb Total Space | 1.85 Gb Free Space | 100.00% Space Free | Partition Type: FAT
Drive H: | 364.76 Gb Total Space | 327.71 Gb Free Space | 89.84% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Familie_Caliebe_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
 
< End of report >
--- --- ---

[/code]

piranya 08.02.2012 12:00
neustart in vista ergibt gleiches Problem , auch im abgesicherten Modus immer noch weisser bildschirm mit dieser fehlermeldung

:killpc:

kira 08.02.2012 17:08
1.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
:OTL
O4 - HKLM..\Run: [InetAccelerator] C:\Windows\System32\InetAccelerator.exe (MacroSoft)
O4 - HKLM..\Run: [InetAccelerator.] C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O4 - HKU\Familie_Caliebe_ON_C..\Run: [InetAccelerator] C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\ProgramData\InetAccelerator\InetAccelerator.exe) - C:\ProgramData\InetAccelerator\InetAccelerator.exe (MacroSoft)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\InetAccelerator.exe) - C:\Windows\System32\InetAccelerator.exe (MacroSoft)
[2012/02/03 13:37:26 | 000,335,872 | ---- | C] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2012/02/03 12:40:39 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator
[2012/02/03 12:40:38 | 000,335,872 | ---- | M] (MacroSoft) -- C:\Windows\System32\InetAccelerator.exe
[2011/12/14 21:27:04 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Aqefwi

:Commands
[purity]
[emptytemp]

2.
TDSSKiller von Kaspersky
  • Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
  • Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
  • deaktiviere vorübergehend dein AntiVirus-Programm
  • Starte die TDSSKiller.exe durch Doppelklick.
  • Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
    Bestätige das ggfs. mit Y(es).
    Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
  • Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.
Hier findest Du eine ausführlichere Anleitung.

3.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

piranya 10.02.2012 21:14
Hier der Fix Report

Code:
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\InetAccelerator deleted successfully.
C:\Windows\System32\InetAccelerator.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\InetAccelerator. deleted successfully.
C:\ProgramData\InetAccelerator\InetAccelerator.exe moved successfully.
Registry value HKEY_USERS\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Run\\InetAccelerator deleted successfully.
C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\ProgramData\InetAccelerator\InetAccelerator.exe deleted successfully.
File C:\ProgramData\InetAccelerator\InetAccelerator.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit:C:\Windows\system32\InetAccelerator.exe deleted successfully.
File C:\Windows\System32\InetAccelerator.exe not found.
File C:\Windows\System32\InetAccelerator.exe not found.
C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator folder moved successfully.
File C:\Windows\System32\InetAccelerator.exe not found.
C:\Users\Familie Caliebe\AppData\Roaming\Aqefwi folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Familie Caliebe
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
 
Total Files Cleaned = 0.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 02102012_210114

piranya 10.02.2012 21:35
Dieser Kapersky findet nix und kann beim starten folgendes nicht machen>

Habe in reatogo das program geladen
ich wuesste nicht wie ich darun antivir abschalten kann

1. Cant initialiye log
2. Cant load driver

dann finde ich unter der gegebenen adresse kein log file und ausserdem findet das Programm keinen Fehler.

lasse dann aber OTLPE nochmal laufen.

piranya 10.02.2012 21:43
Code:
OTL logfile created on: 2/10/2012 9:39:32 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92.21 Gb Total Space | 16.82 Gb Free Space | 18.24% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 441.39 Gb Free Space | 94.77% Space Free | Partition Type: NTFS
Drive G: | 364.76 Gb Total Space | 327.71 Gb Free Space | 89.84% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011/10/21 09:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 11:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/10/11 07:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 07:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/07/08 15:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010/09/29 03:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/04/05 14:55:01 | 000,116,104 | ---- | M] () [Auto] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009/11/13 06:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/08/21 09:24:02 | 000,070,336 | ---- | M] () [On_Demand] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2008/06/01 13:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/06/01 13:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/06/01 13:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/04/25 07:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008/04/20 11:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/28 09:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/24 05:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/01/24 05:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - [2011/12/10 09:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011/12/10 04:44:02 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/10/11 08:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/10/11 08:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 08:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/12/09 08:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/17 11:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/01 13:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC)
DRV - [2008/06/01 13:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/06/01 13:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2008/06/01 13:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008/05/27 06:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008/05/01 01:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008/04/15 10:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008/04/03 07:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008/03/25 09:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/03/25 06:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/19 04:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/01/23 04:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008/01/22 13:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007/11/29 02:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/10/18 07:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 04:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/07/27 05:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007/07/27 03:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007/01/04 13:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2005/01/06 22:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01  [binary data]
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Familie_Caliebe_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\System32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: 
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/11/19 06:42:59 | 000,000,000 | ---D | M]
 
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/01/09 05:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
 
O1 HOSTS File: ([2011/07/14 21:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\Familie_Caliebe_ON_C\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] C:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NPCTray]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe) -  File not found
O20 - HKU\Familie_Caliebe_ON_C Winlogon: Shell - (C:\Users\Familie Caliebe\AppData\Roaming\Explorer.exe) -  File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/02/08 10:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012/02/08 10:58:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/02/08 09:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/02/03 12:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012/02/03 09:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24
[2012/02/01 11:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 11:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/02/01 11:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/01/31 03:51:01 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/08 05:41:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/08 05:37:22 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/02/08 05:37:22 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/02/08 05:36:50 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/08 05:36:50 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/08 05:36:48 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/02/03 14:10:32 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/02/03 13:37:28 | 000,000,274 | ---- | M] () -- C:\Windows\win.ini
[2012/02/03 13:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2012/02/03 07:52:48 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
[2012/02/01 11:57:29 | 001,445,310 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2012/02/01 11:57:29 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/02/01 11:57:29 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/02/01 11:57:29 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/02/01 11:57:29 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/02/01 11:41:49 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/02/01 04:31:07 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk
[2012/02/01 04:31:07 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/01/26 18:21:24 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2011/11/24 10:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini
[2011/11/22 02:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2011/11/22 02:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2011/11/22 02:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2011/11/22 02:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2011/11/22 02:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2011/11/22 02:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2011/10/13 20:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/05/16 09:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
[2011/04/28 13:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/01/16 12:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/01/16 12:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/01/16 12:37:40 | 000,368,640 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll
[2010/11/21 15:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png
[2010/05/08 12:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009/09/23 18:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/08/31 13:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2009/08/05 03:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/07/19 08:56:48 | 000,049,152 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/14 07:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009/07/14 07:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat
[2009/07/05 14:35:33 | 000,113,416 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/05/29 10:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/29 10:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/09/12 10:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/08/13 09:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/08/13 09:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/08/13 08:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008/08/13 08:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008/08/13 08:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008/08/13 08:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/06/01 13:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008/04/25 07:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008/04/09 05:19:15 | 001,445,310 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI
[2008/04/09 04:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008/04/09 04:14:36 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008/04/09 04:14:36 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008/04/09 04:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008/01/20 21:24:38 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini
[2007/12/21 09:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007/09/04 06:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/02/05 14:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:37:35 | 000,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 07:37:35 | 000,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:35 | 000,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:35 | 000,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 07:34:41 | 000,197,632 | ---- | C] () -- C:\Windows\System32\ir32_32.dll
[2006/11/02 05:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:24:31 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2006/11/02 05:23:31 | 000,000,274 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 05:23:31 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 02:10:37 | 000,053,536 | ---- | C] () -- C:\Windows\System32\dosx.exe
[2006/11/02 02:10:02 | 000,000,718 | ---- | C] () -- C:\Windows\System32\mscdexnt.exe
[2006/11/02 02:10:00 | 000,002,842 | ---- | C] () -- C:\Windows\System32\redir.exe
[2006/11/02 02:09:59 | 000,069,886 | ---- | C] () -- C:\Windows\System32\edit.com
[2006/11/02 02:09:59 | 000,019,694 | ---- | C] () -- C:\Windows\System32\GRAPHICS.COM
[2006/11/02 02:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\share.exe
[2006/11/02 02:09:59 | 000,000,882 | ---- | C] () -- C:\Windows\System32\fastopen.exe
[2006/11/02 02:09:57 | 000,014,710 | ---- | C] () -- C:\Windows\System32\KB16.COM
[2006/11/02 02:09:56 | 000,007,052 | ---- | C] () -- C:\Windows\System32\nlsfunc.exe
[2006/11/02 02:09:55 | 000,039,274 | ---- | C] () -- C:\Windows\System32\mem.exe
[2006/11/02 02:09:55 | 000,001,131 | ---- | C] () -- C:\Windows\System32\LOADFIX.COM
[2006/11/02 02:09:53 | 000,011,753 | ---- | C] () -- C:\Windows\System32\setver.exe
[2006/11/02 02:09:52 | 000,020,634 | ---- | C] () -- C:\Windows\System32\debug.exe
[2006/11/02 02:09:51 | 000,008,424 | ---- | C] () -- C:\Windows\System32\exe2bin.exe
[2006/11/02 02:09:50 | 000,012,642 | ---- | C] () -- C:\Windows\System32\edlin.exe
[2006/11/02 02:09:49 | 000,050,648 | ---- | C] () -- C:\Windows\System32\COMMAND.COM
[2006/11/02 02:09:49 | 000,012,498 | ---- | C] () -- C:\Windows\System32\append.exe
[2006/11/02 02:09:45 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys
[2006/11/02 02:09:44 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 02:09:42 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS
[2006/11/02 02:09:41 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 01:25:08 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll
[2006/04/21 03:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2005/07/22 14:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001/10/10 01:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll
[2001/10/10 01:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll
[2001/03/07 01:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll
 
========== LOP Check ==========
 
[2011/04/15 09:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon
[2010/11/21 18:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer
[2012/02/03 11:08:38 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox
[2010/12/09 11:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter
[2009/09/20 10:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0
[2009/10/19 14:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe
[2009/09/18 09:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView
[2011/12/14 04:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes
[2011/11/15 02:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks
[2009/08/04 04:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware
[2011/12/10 09:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer
[2011/04/27 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia
[2010/06/07 07:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape
[2011/01/27 04:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org
[2010/11/19 07:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite
[2009/09/20 17:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet
[2011/11/25 12:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg
[2011/05/12 16:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion
[2011/07/14 14:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer
[2009/07/14 07:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template
[2010/11/21 18:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer
[2009/11/30 15:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom
[2009/11/09 13:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/01/08 14:59:53 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2009/08/04 04:04:09 | 000,000,000 | ---D | M] -- C:\ProgramData\BTrieve
[2011/03/09 06:18:23 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonBJ
[2011/03/09 06:37:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonEPP
[2011/04/15 09:26:52 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJ
[2011/05/20 07:14:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX
[2011/03/09 06:37:10 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEPPEX2
[2011/03/09 06:23:09 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJMSetup
[2011/03/09 06:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJMyPrinter
[2012/02/02 06:37:18 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2011/04/15 09:27:03 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJScan
[2011/03/09 06:37:11 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJSolutionMenuEX
[2011/03/09 06:21:01 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJWSpt
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2011/01/09 05:56:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Haufe
[2009/07/05 15:39:43 | 000,000,000 | ---D | M] -- C:\ProgramData\HDBR31
[2012/02/10 21:01:18 | 000,000,000 | ---D | M] -- C:\ProgramData\InetAccelerator
[2010/11/19 09:58:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Installations
[2011/09/29 14:10:32 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexware
[2011/12/14 04:49:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Mobile Master
[2010/11/19 09:59:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Nokia
[2010/11/19 07:30:46 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaInstallerCache
[2010/11/19 07:42:06 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaMusic
[2010/11/19 07:39:33 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2009/09/20 17:33:55 | 000,000,000 | ---D | M] -- C:\ProgramData\PixelPlanet
[2006/11/02 08:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2006/11/02 08:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2009/11/30 15:56:33 | 000,000,000 | ---D | M] -- C:\ProgramData\TomTom
[2009/11/09 13:10:07 | 000,000,000 | ---D | M] -- C:\ProgramData\VistaCodecs
[2010/11/07 04:46:32 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2009/07/05 14:34:29 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/09/21 14:13:41 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/03 14:10:32 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/02/03 07:52:48 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
 
========== Purity Check ==========
 
 
< End of report >

piranya 10.02.2012 21:45
Code:
OTL Extras logfile created on: 2/10/2012 9:39:32 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 86.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92.21 Gb Total Space | 16.82 Gb Free Space | 18.24% Space Free | Partition Type: NTFS
Drive D: | 465.76 Gb Total Space | 441.39 Gb Free Space | 94.77% Space Free | Partition Type: NTFS
Drive G: | 364.76 Gb Total Space | 327.71 Gb Free Space | 89.84% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 25
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Familie_Caliebe_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
 
< End of report >

piranya 10.02.2012 22:05
Hey kira,

jetzt habe ich einen Neustart gewagt und bin in Vista wieder drin.:daumenhoc


Danke schon mal. :dankeschoen: Ich bin mir aber ziemlich sicher, dass damit das Problem nicht behoben ist, sondern nur unterdrückt.

Mein System fragt sofort nach einem Java update.

Was soll ich jetzt machen?

Was wäre eine gute Lösung wie ich mich insgesamt schützen kann?
Ich gehe davon aus, dass sobald ich meine Daten gesichert habe (wie mache ich das ohne Viren und Trojaner mitzunehmen?), dass ich die Platte formatieren sollte. Anschließend kann ich windows 7 installieren.

piranya

kira 11.02.2012 09:30
Ok, dann so geht es weiter:

1.
Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
  • Installieren und per Doppelklick starten.
  • Deutsch einstellen und gleich mal die Datenbanken zu aktualisieren - online updaten
  • "Komplett Scan durchführen" wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • Alle Funde - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung/virus-protect.org

2.
NICHT OTLPE starten!!, sondern:

Systemscan mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop.
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.

    http://image.hijackthis.eu/upload/otl_screen_neu.jpg
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

3.
Um festzustellen, ob veraltete oder schädliche Software unter Programme installiert sind, ich würde gerne noch all deine installierten Programme sehen:
  • Download den CCleaner
  • Software-Lizenzvereinbarung lesen, falls irgendeine Toolbar angeboten wird, bitte abwählen!-> starten -> Falls nötig, auf "Deutsch" einstellen.
  • starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
  • ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

4.
läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit)
Achtung!:
WENN GMER NICHT AUSGEFÜHRT WERDEN KANN ODER PROBMLEME VERURSACHT, fahre mit dem nächsten Punkt fort!- Es ist NICHT sinnvoll einen zweiten Versuch zu starten!
Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :
  • - also lade Dir Gmer herunter und entpacke es auf deinen Desktop
    - starte gmer.exe
    - [b]schließe alle Programme, ausserdem Antiviren und andere Schutzprogramme usw müssen deaktiviert sein, keine Verbindung zum Internet, WLAN auch trennen)
    - bitte nichts am Pc machen während der Scan läuft!
    - klicke auf "Scan", um das Tool zu starten
    - wenn der Scan fertig ist klicke auf "Copy" (das Log wird automatisch in die Zwischenablage kopiert) und mit STRG + V musst Du gleich da einfügen
    - mit "Ok" wird Gmer beendet.
    - das Log aus der Zwischenablage hier in Deinem Thread vollständig hineinkopieren

** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen
Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren!
Anleitung:-> GMER - Rootkit Scanner

5.
Kontrolle mit MBR -t, ob Master Boot Record in Ordnung ist (MBR-Rootkit)

Mit dem folgenden Tool prüfen wir, ob sich etwas Schädliches im Master Boot Record eingenistet hat.
  • Downloade die MBR.exe von Gmer und
    kopiere die Datei mbr.exe in den Ordner C:\Windows\system32.
    Falls Du den Ordner nicht sehen kannst, diese Einstellungen in den Ordneroptionen vornehmen.
  • Start => ausführen => cmd (da reinschreiben) => OK
    es öffnet sich eine Eingabeaufforderung.

    Vista- und Windows 7-User: Start => Alle Programme => Zubehör => Rechtsklick auf Eingabeaufforderung und wähle Als Administrator ausführen.
  • Nach dem Prompt (>_) folgenden

    aus der Codebox manuell eingeben oder alternativ den mit STRG + C ins Clipboard kopieren und einfügen.
    Einfügen in der Eingabeaufforderung: in der Titelleiste einen Rechtsklick machen => Bearbeiten => einfügen.

    Code:
    mbr.exe -t > C:\mbr.log & C:\mbr.log
    (Enter drücken)
  • Nach kurzer Zeit wird sich Dein Editor öffnen und die Datei C:\mbr.log beinhalten.
    Bitte kopiere den Inhalt hier in Deinen Thread.

piranya 11.02.2012 12:02
hi, also dann wollen wir mal:

malware log:
Code:
Malwarebytes Anti-Malware (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.02.10.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19170
Familie Caliebe :: FAMCALIEBE-PC [Administrator]

Schutz: Aktiviert

10.02.2012 22:12:31
mbam-log-2012-02-10 (22-12-31).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 452103
Laufzeit: 3 Stunde(n), 52 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Trojan.Agent) -> Daten: C:\Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe,C:\Users\Familie Caliebe\AppData\Roaming\Explorer.exe, -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\$Recycle.Bin\S-1-5-21-2760801815-2772606527-509779656-1000\$RKNJ6OT.exe (Trojan.Cryptpin.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02102012_210114\C_ProgramData\InetAccelerator\InetAccelerator.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02102012_210114\C_Users\Familie Caliebe\AppData\Roaming\InetAccelerator\InetAccelerator.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02102012_210114\C_Windows\System32\InetAccelerator.exe (Trojan.Ransom) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
OTL Logfile:
OTL Logfile:
Code:
OTL logfile created on: 11.02.2012 11:38:33 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 54,76% Memory free
6,07 Gb Paging File | 4,24 Gb Available in Paging File | 69,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 13,65 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 441,36 Gb Free Space | 94,76% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 327,71 Gb Free Space | 89,84% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 86,84 Gb Free Space | 18,64% Space Free | Partition Type: NTFS
 
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
PRC - [2012.01.18 19:54:06 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.16 12:54:22 | 000,220,744 | ---- | M] (Geek Software GmbH) -- C:\Program Files\pdf24\pdf24.exe
PRC - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.19 12:42:39 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.12 20:36:26 | 002,260,992 | ---- | M] (FIC) -- C:\Program Files\Launch Pad\LaunchPad.exe
PRC - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008.06.19 13:03:22 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
PRC - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe
PRC - [2008.05.08 06:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008.04.20 17:30:16 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.03.14 12:09:56 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008.01.22 19:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.10.29 13:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007.10.04 17:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.01.27 10:13:37 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.01.18 15:50:02 | 000,417,792 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\adobexmp.dll
MOD - [2008.06.19 13:14:12 | 000,107,280 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.dll
MOD - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2008.06.19 13:05:28 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
MOD - [2008.06.19 13:05:04 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
MOD - [2008.06.19 13:04:54 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
MOD - [2008.06.19 13:04:08 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll
MOD - [2008.06.19 13:03:56 | 000,344,336 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
MOD - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
MOD - [2008.06.01 19:44:20 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe
MOD - [2005.07.22 20:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.21 15:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010.09.29 09:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.08.21 15:24:02 | 000,070,336 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2008.06.01 19:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.01.24 11:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.01.24 11:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.12.10 15:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.12.10 10:44:02 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.12.09 14:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.17 17:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.01 19:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC)
DRV - [2008.06.01 19:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.06.01 19:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2008.06.01 19:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008.05.27 12:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.05.01 07:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.15 16:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008.04.03 13:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008.03.25 15:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008.03.25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008.03.19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.01.23 10:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.01.22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007.11.29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.10.18 13:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.02 10:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.07.27 11:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007.07.27 09:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007.01.04 19:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System | Running] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2005.01.07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.11.19 12:42:59 | 000,000,000 | ---D | M]
 
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.01.09 11:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
 
O1 HOSTS File: ([2011.07.15 03:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F1352B-26BE-42F8-A68D-EFC7DA290643}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB303501-7B79-4119-B373-F5AF1B598B00}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.12.15 08:01:46 | 000,000,113 | ---- | M] () - G:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.11 11:32:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
[2012.02.11 02:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.11 02:36:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.10 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\Malwarebytes
[2012.02.10 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.10 22:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.10 22:11:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.08 16:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.02.08 16:58:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.08 15:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.02.03 18:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012.02.03 15:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24
[2012.02.01 17:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.01 17:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.01 17:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
[2012.02.11 10:27:57 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 10:27:57 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.11 04:11:14 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.02.11 03:21:50 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.11 03:21:50 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.11 03:21:50 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.11 03:21:50 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.11 02:28:30 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.02.11 02:27:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.11 02:27:49 | 3150,782,464 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.11 02:26:36 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.10 21:53:55 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
[2012.02.03 19:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2012.02.01 10:31:07 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk
[2012.02.01 10:31:07 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2012.02.10 21:47:55 | 3150,782,464 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.24 16:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini
[2011.11.22 08:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2011.11.22 08:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2011.11.22 08:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2011.11.22 08:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2011.11.22 08:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2011.11.22 08:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2011.10.14 02:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.05.16 15:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
[2011.04.28 19:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.16 18:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.01.16 18:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.11.21 21:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png
[2010.05.08 18:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009.09.24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.08.31 19:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2009.08.05 09:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.07.19 14:56:48 | 000,049,152 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.14 13:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.07.14 13:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat
[2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.08.13 14:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008.08.13 14:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008.08.13 14:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008.08.13 14:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.06.01 19:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008.04.25 13:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008.04.09 10:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.09 10:14:36 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.09 10:14:36 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.09 10:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.12.21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.04.21 09:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001.10.10 07:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll
[2001.10.10 07:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll
[2001.03.07 07:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll
 
========== LOP Check ==========
 
[2011.04.15 15:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon
[2010.11.22 00:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer
[2012.02.11 08:52:37 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox
[2010.12.09 17:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter
[2009.09.20 16:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0
[2009.10.19 20:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe
[2009.09.18 15:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView
[2011.12.14 10:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes
[2011.11.15 08:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks
[2009.08.04 10:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware
[2011.12.10 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer
[2011.04.27 20:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia
[2010.06.07 13:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape
[2011.01.27 10:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org
[2010.11.19 13:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite
[2009.09.20 23:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet
[2011.11.25 18:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg
[2011.05.12 22:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion
[2011.07.14 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer
[2009.07.14 13:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template
[2010.11.22 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom
[2009.11.09 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs
[2012.02.11 02:26:36 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.02.10 21:53:55 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---

--- --- ---

OTL Logfile:
OTL Logfile:
Code:
OTL Extras logfile created on: 11.02.2012 11:38:33 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 54,76% Memory free
6,07 Gb Paging File | 4,24 Gb Available in Paging File | 69,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 13,65 Gb Free Space | 14,80% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 441,36 Gb Free Space | 94,76% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 327,71 Gb Free Space | 89,84% Space Free | Partition Type: NTFS
Drive G: | 465,76 Gb Total Space | 86,84 Gb Free Space | 18,64% Space Free | Partition Type: NTFS
 
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028B4C32-C2D9-4394-902F-B9142219333C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{04F92F9A-138C-42BC-921A-6E929B789ACE}" = lport=139 | protocol=6 | dir=in | app=system |
"{0CF2E451-41AC-4B16-B11E-81C4D558ADF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0F94B7EE-08A7-49B0-916F-DBEBF25DF505}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14B0B50E-0819-4BBD-84A1-F51E92743180}" = lport=138 | protocol=17 | dir=in | app=system |
"{177BBE08-15EF-4FFF-88EB-3E17CA93AFE0}" = rport=445 | protocol=6 | dir=out | app=system |
"{399FDB8C-5179-42B2-A847-F738A011EA7D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D2C6B5F-2B58-4FF8-995D-7B8DCC4AFA97}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4BB8119E-E588-4963-B0F7-667AA204AF76}" = rport=137 | protocol=17 | dir=out | app=system |
"{4C864EF2-4DB2-4AD5-829C-BAA34CA3F038}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4F230D45-7BEE-498C-85F3-091CC6D56780}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{529CD8FE-D9D3-46B8-8E7A-B6C8BA20C872}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56E53D23-9C46-4171-B4BD-EFEFDE2DBCA6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FC96C63-4C16-45BD-AD48-836411891633}" = lport=137 | protocol=17 | dir=in | app=system |
"{61357620-41F8-48DD-AFFD-228457F83830}" = lport=10243 | protocol=6 | dir=in | app=system |
"{692D14CA-E8EA-4C5D-B2C8-4E124BE5ABC0}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{74C16965-AF24-48D7-B913-7A95C4B7A475}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8248A5D1-C496-4E05-AF87-7119575749AE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8345D527-2093-4C85-B5B9-DC13EF97E7CE}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8DF2E9DE-924C-48D9-A533-910B82DAD3F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F631649-75FD-476B-A8CA-F08361146E6D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90F60FA8-7C36-4BC7-B476-A76F1CA349F8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{97A07EDA-C778-485D-8250-2B9526CD87A1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ADC075BE-47C4-4E1C-A951-89C496952C3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEBCB133-9BA5-4C3A-8BC5-7408E0096418}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B157AC96-138D-42F7-9D03-1BD53F3AECEE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B16315F2-2295-4409-826B-EB0C60194D4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B787F7C8-758E-4D0B-AF40-4D0E936A6A40}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9EC8EB4-BAFD-4FC1-86E3-7E809FF82DF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C75F07D7-7439-4878-9700-FD62FB9ECB4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C793794A-107A-466E-B0F5-044E487FF23F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{D4ECD863-4A9F-4CCC-A9DD-C95B8FE51F0C}" = rport=138 | protocol=17 | dir=out | app=system |
"{D81FE3F8-4BF9-4559-93B1-99B5F11296EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E3A2B235-5E7E-41DE-8387-46E14FA5C8DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E3B52225-2D40-45DD-A1C6-344AE1ADB81B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EF823FEB-C81D-41FD-B2DB-2710D38C6451}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{EF8868C3-56E3-431F-A11B-766A1E15DE42}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F7E23D1C-F8DD-4FC6-8C12-18A78E2EE947}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FEF35F35-6B6E-4285-89AB-15789297896F}" = rport=139 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16CFECE3-6272-40FB-AC9F-6E6884EFD3F1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1CA5A966-6291-4188-86E8-C00AF13ECD63}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2C29F314-74C9-4645-A2AB-4BDAA7ACB000}" = protocol=6 | dir=out | app=system |
"{39BFA96F-2ED4-4B36-B4C8-47D40FAC1EA8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{400B3FCA-0462-4A41-A488-667BE7300515}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{53A783E9-71AA-49C6-BD46-B20324A38E94}" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{5A6464F6-6CCB-4BB3-B009-1B73CC55E515}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5BD806D7-EE42-4989-AFE3-874512F1DA7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5C0ACF25-5B53-4527-9C5A-3DDBD2095673}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5CE22F28-378D-401F-BBC1-259DF989CA9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63920450-A1B2-4B2C-9F3E-AE7202AC6EAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6915F986-0CF0-4252-8CAB-AFA6862DD3CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7135FA55-D064-47C0-92B5-E9FCDB97D550}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73DBF261-8B04-4232-9CC0-3A2228604DB6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{783B9F82-EBCF-4356-9721-871AF9B48EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7BD13045-E407-4990-8AFB-C46B6BB72D35}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{83867EC9-0C61-4457-914A-618BA58C8DAF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84FC65AC-3E38-4200-9616-1E907C8EEFEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8795D016-BA9E-48B7-A82C-74BAFCF420EC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{8D81974A-7E85-4B63-BDBE-D1C7F581150E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E09A290-C25D-47FA-9A86-A76DF1BFB6C2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{94C84392-7A31-4068-A672-44284F877D8C}" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\local\microsoft\windows\temporary internet files\content.ie5\8c97x96y\sweetimsetup[1].exe |
"{95EDE25A-A91A-4AD6-870B-45486836220C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98B9728F-D9CC-4900-AEB7-D732AE63DE4D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{9E6F1110-EDAC-421F-B014-E8017C3C09FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A571B085-7546-453C-9725-9451132E1348}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A945F80E-19B0-44E5-9D84-64B55D1C9357}" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{B785D447-A5FD-4085-8A20-E6A2A1E98237}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BB970AD3-2015-421D-908A-603B3B44452F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC909859-9709-48C2-8BEC-A1A4D49BA1F3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DDB96144-E043-4151-BE55-68856F397BD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E201A4B9-4995-422C-B098-BBA1D2FF7D87}" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\local\microsoft\windows\temporary internet files\content.ie5\8c97x96y\sweetimsetup[1].exe |
"{E82D08A7-FE1F-47F8-95AC-6F0A7EAB25C8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EDE2310D-B442-416F-8C6D-96C4938DC523}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F34D272E-9668-447D-A99C-0171C0BA3F39}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8694076-8ED2-4F50-A017-ECBFC033E2EB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FE627DAE-22D5-467F-BF75-5F501F6FE7E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0C86B580-3484-4617-919F-1A61BA851173}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{1E1C8E01-4AEF-4C56-899C-1F7C459F9BA9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5609AF03-403E-4DE3-86F7-B00CB7A481E5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{6BF93385-690E-4499-801D-1078C3703FA1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{813E93D8-B46E-4BA9-872F-86E6831A0B8B}C:\users\public\downloads\eclipse-java-helios-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\public\downloads\eclipse-java-helios-sr2-win32\eclipse\eclipse.exe |
"TCP Query User{98F3BF9B-15FA-4422-8583-8976FE9272A9}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B078E111-3752-49D8-BE05-196EC7484287}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"TCP Query User{BA5CA1E8-95E3-4CC8-B169-1A189813514E}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{C9C70568-0C4D-42FD-8777-CF5B71E15738}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{CC4C04DA-F5A4-4241-BA10-350903397661}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{212FE706-E691-4632-803C-C8F1E5FEE0C5}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{3F29293B-5D3C-45AD-8614-A9E483ABC3A6}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"UDP Query User{464AC7C3-7144-49B9-B6F2-1AAC3E68BDB8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6FF4DEB1-1A1D-4ADD-AE18-DBC082FFEC37}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{78049496-CEE4-4AFD-9FFA-C63054F6B7E8}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{C00C8209-ED61-45F5-BA72-20AA1B962696}C:\users\public\downloads\eclipse-java-helios-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\public\downloads\eclipse-java-helios-sr2-win32\eclipse\eclipse.exe |
"UDP Query User{DE671AA4-6E71-430D-AD1A-FE34A34417D8}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{E0922CB7-D8F9-4A3F-A2B4-1201D6D809A8}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{EC9D70E0-90EE-47D0-837B-258412B13D92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FFC939BE-D69D-4FE6-A423-41A311E2FBFF}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:13:59 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
[ OSession Events ]
Error - 05.05.2010 10:55:45 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 948
 seconds with 900 seconds of active time.  This session ended with a crash.
 
Error - 27.01.2011 06:03:18 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 10522 seconds with 120 seconds of active time.  This session ended with a
 crash.
 
Error - 18.02.2011 04:04:41 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 64754
 seconds with 6660 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 10.02.2012 21:30:04 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 10.02.2012 21:30:04 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 10.02.2012 21:30:04 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 10.02.2012 21:31:01 | Computer Name = FamCaliebe-PC | Source = DCOM | ID = 10010
Description =
 
Error - 10.02.2012 21:32:07 | Computer Name = FamCaliebe-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 10.02.2012 22:47:44 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7031
Description =
 
Error - 10.02.2012 22:51:36 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7024
Description =
 
Error - 10.02.2012 22:51:36 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7031
Description =
 
Error - 11.02.2012 06:14:19 | Computer Name = FamCaliebe-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie chkdsk auf Volume "SYSTEM" aus.
 
Error - 11.02.2012 06:14:21 | Computer Name = FamCaliebe-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie chkdsk auf Volume "SYSTEM" aus.
 
 
< End of report >
--- --- ---

--- --- ---

piranya 11.02.2012 12:12
Code:

7-Zip 9.20                21.03.2011        3,54MB       
Activation Assistant for the 2007 Microsoft Office suites        Microsoft Corporation        04.07.2009        14,0MB       
Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        09.01.2012                11.1.102.55
Adobe Reader 9.3 - Deutsch        Adobe Systems Incorporated        20.03.2010        162,5MB        9.3.0
Adobe Shockwave Player 11.5        Adobe Systems, Inc.        20.02.2010        8,37MB        11.5.6.606
ALPS Touch Pad Driver                12.08.2008               
Apple Application Support        Apple Inc.        31.01.2012        61,2MB        2.1.6
Apple Mobile Device Support        Apple Inc.        31.01.2012        24,1MB        4.0.0.97
Apple Software Update        Apple Inc.        20.09.2011        2,38MB        2.1.3.127
Avira Free Antivirus        Avira        21.12.2011        68,3MB        12.0.0.872
AXIS Media Control Embedded                01.01.2010        1,34MB       
Bing Bar        Microsoft Corporation        15.12.2011        26,9MB        7.0.850.0
Bluetooth Stack for Windows by Toshiba        TOSHIBA CORPORATION        13.07.2009        57,5MB        v6.00.05(FSC)
Bonjour        Apple Inc.        01.11.2011        1,04MB        3.0.0.10
Caillous Vorschule                10.03.2011        171,8MB        1.00.000
Canon Easy-PhotoPrint EX                08.03.2011        227MB       
Canon Easy-WebPrint EX                08.03.2011        6,81MB       
Canon Inkjet Printer/Scanner/Fax Extended Survey Program                08.03.2011        1,25MB       
Canon MG5100 series Benutzerregistrierung                08.03.2011        1,18MB       
Canon MG5100 series MP Drivers                08.03.2011        353MB       
Canon MP Navigator EX 4.0                08.03.2011        75,3MB       
Canon My Printer                08.03.2011        5,55MB       
Canon Solution Menu EX                08.03.2011        12,4MB       
CCleaner        Piriform        10.02.2012        4,24MB        3.15
Compatibility Pack für 2007 Office System        Microsoft Corporation        14.12.2011        56,2MB        12.0.6425.1000
Dropbox        Dropbox, Inc.        31.01.2012        26,2MB        1.2.51
Free Video Converter V 2.9        Koyote Soft        08.12.2010        11,8MB        2.9.0.0
Fujitsu Siemens Computers Recovery        Fujitsu Siemens Computers        04.07.2009        7,06MB        1.3.9
GIMP 2.6.7                10.09.2009        87,0MB       
GPL Ghostscript 8.64                02.08.2009        22,5MB       
GSview 4.9                02.08.2009        3,21MB       
Haufe iDesk-Browser        Haufe        08.01.2011        18,4MB        9.06.30.7144
Haufe iDesk-Service        Haufe        08.01.2011        135,7MB        9.08.21.7460
Hotkey Utility                12.08.2008        5,46MB        1.5.5
iCloud        Apple Inc.        31.01.2012        22,4MB        1.0.2.17
Intel(R) Network Connections Drivers                05.07.2009               
Intel® Matrix Storage Manager        Intel Corporation        04.07.2009        37,3MB       
IrfanView (remove only)                17.09.2009        11,3MB       
iTunes        Apple Inc.        31.01.2012        169,7MB        10.5.3.3
Java DB 10.6.2.1        Oracle        09.07.2011        29,9MB        10.6.2.1
Java(TM) 6 Update 22        Oracle        26.01.2011        97,1MB        6.0.220
Java(TM) 6 Update 30        Oracle        20.10.2010        97,1MB        6.0.300
Java(TM) SE Development Kit 6 Update 26        Oracle        09.07.2011        152,0MB        1.6.0.260
Jeliot 3.7.2 (powered by AIFB)        Institute AIFB, University of Karlsruhe        20.11.2010               
Juniper Networks Network Connect 6.5.0        Juniper Networks        24.10.2010        6,45MB        6.5.0.14951
Juniper Networks Network Connect 7.0.0        Juniper Networks        14.11.2011        4,56MB        7.0.0.18809
Juniper Networks Setup Client        Juniper Networks        14.11.2011        2,09MB        2.2.5.10685
Kids entdecken den menschlichen Körper                13.05.2010        3,72MB        1.00.000
Launch Pad 1.0.3        FIC, Inc.        12.08.2008        7,07MB        1.0.3
Lexware Info Service        Haufe-Lexware GmbH & Co.KG        28.09.2011        12,4MB        2.70.00.0081
Logitech QuickCam        Fujitsu-Siemens        13.07.2009        29,7MB        11.51.1056
Logitech QuickCam-Treiberpaket                13.07.2009               
Malwarebytes Anti-Malware Version 1.60.1.1000        Malwarebytes Corporation        09.02.2012        11,5MB        1.60.1.1000
Mathe Klasse 1 - 4                18.10.2009        44,3MB       
meinHausplaner                21.11.2011        1.246MB       
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU        Microsoft Corporation        15.01.2011        37,0MB       
Microsoft .NET Framework 3.5 SP1        Microsoft Corporation        26.08.2009        27,8MB       
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        15.01.2011        120,3MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        15.01.2011        24,5MB        4.0.30319
Microsoft Office Enterprise 2007        Microsoft Corporation        30.08.2009        636MB        12.0.6425.1000
Microsoft Office Home and Student 2007        Microsoft Corporation        30.08.2009        297MB        12.0.6425.1000
Microsoft Office Live Add-in 1.3        Microsoft Corporation        15.01.2011        0,48MB        2.0.2313.0
Microsoft Office Outlook Connector        Microsoft Corporation        15.01.2011        6,13MB        12.0.6423.1000
Microsoft Office PowerPoint Viewer 2007 (German)        Microsoft Corporation        14.12.2011        51,0MB        12.0.6425.1000
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs        Microsoft Corporation        02.09.2009        0,12MB        12.0.4518.1014
Microsoft Silverlight        Microsoft Corporation        13.10.2011        40,2MB        4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        15.01.2011        1,74MB        3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86)        Microsoft Corporation        15.01.2011        0,61MB        1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86)        Microsoft Corporation        15.01.2011        1,45MB        1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        04.08.2009        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        16.06.2011        0,29MB        8.0.56336
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        15.01.2011        0,19MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        15.04.2011        0,58MB        9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        29.10.2009        0,58MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        26.01.2011        0,57MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        16.06.2011        0,58MB        9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        25.10.2011        16,5MB        10.0.40219
Microsoft Works        Microsoft Corporation        15.01.2011                9.7.0621
MpcStar 5.1        www.mpcstar.com        13.06.2011        51,8MB        5.1
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        04.08.2009        1,28MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        15.01.2011        1,34MB        4.20.9876.0
MyPhoneExplorer        F.J. Wechselberger        09.12.2011        12,0MB        1.8.2
Nero 8 Essentials        Nero AG        04.07.2009        1.759MB        8.3.228
Nokia Connectivity Cable Driver        Nokia        18.11.2010        3,22MB        7.1.31.0
Nokia Ovi Application Installer 6.85.3011        Nokia        18.11.2010        61,9MB       
Nokia Ovi Content Copier 6.85.3011        Nokia        18.11.2010        61,9MB       
Nokia Ovi System Utilities 6.85.3018        Nokia        18.11.2010        61,9MB       
Nokia Photos        Nokia        18.11.2010        118,4MB        1.6.434
Nokia_Multimedia_Common_Components_2_5        Nokia        18.11.2010        18,9MB        2.6.86
NVIDIA Drivers                15.01.2011               
Octoshape Streaming Services                06.06.2010               
OpenOffice.org 3.3        OpenOffice.org        26.01.2011        413MB        3.3.9567
PC Connectivity Solution        Nokia        18.11.2010        12,8MB        10.39.0.0
PDF24 Creator 4.1.2        PDF24.org        21.12.2011        35,2MB       
PdfGrabber 5.0        PixelPlanet        20.09.2009        39,4MB        5.0.0.0
Picasa 3        Google, Inc.        13.02.2011        73,5MB        3.8
PlayReady PC runtime        Microsoft Corporation        12.08.2008        1,02MB        1
Power Manager 2.8.3        FIC, Inc.        12.08.2008        2,28MB        2.8.3
ProtectDisc Helper Driver 10                05.05.2010        96,00KB        10.0.0.3
QuickTime        Apple Inc.        01.11.2011        73,3MB        7.71.80.42
RealPlayer        RealNetworks        18.11.2010        92,6MB       
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        12.08.2008               
Rgb2Cmyk 1.3        Smokingun Graphics        17.09.2009        1,63MB        1.3
Roadkil's Unstoppable Copier Version 5.2        Roadkil.Net        26.01.2011        0,81MB       
Scribus 1.3.3.13        The Scribus Team        02.08.2009        73,8MB        1.3.3.13
Skype Toolbars        Skype Technologies S.A.        14.06.2011        6,58MB        5.3.7555
Skype™ 5.3        Skype Technologies S.A.        14.06.2011        22,6MB        5.3.116
Spelling Dictionaries Support For Adobe Reader 9        Adobe Systems Incorporated        20.03.2010        29,7MB        9.0.0
SystemDiagnostics        Fujitsu Siemens Computers              04.07.2009        13,6MB        2.01.0004
TAXMAN 2011        Haufe-Lexware GmbH & Co.KG        28.09.2011        451MB        17.05.00.0003
TomTom HOME 2.7.3.1894        TomTom        29.11.2009        48,7MB        2.7.3.1894
TomTom HOME Visual Studio Merge Modules        TomTom International B.V.        29.11.2009        1,88MB        1.0.2
Vista Codec Package        Shark007        08.11.2009        52,2MB        5.4.7
VLC media player 1.0.5        VideoLAN Team        07.05.2010        76,1MB        1.0.5
WGW Deutsch 1        TOPOS        14.03.2010        19,5MB        1.00.0000
WGW Deutsch 2        TOPOS        14.03.2010        13,8MB        1.00.0000
WGW Deutsch 3        TOPOS        14.03.2010        15,1MB        1.00.0000
WGW Deutsch 4        TOPOS        14.03.2010        17,0MB        1.00.0000
Windows Live Anmelde-Assistent        Microsoft Corporation        15.01.2011        1,93MB        5.000.818.5
Windows Live Essentials        Microsoft Corporation        15.01.2011        158,2MB        14.0.8117.0416
Windows Live Sync        Microsoft Corporation        15.01.2011        2,79MB        14.0.8117.416
Windows Live-Uploadtool        Microsoft Corporation        15.01.2011        0,22MB        14.0.8014.1029
Windows Mobile-Gerätecenter        Microsoft Corporation        29.09.2011        24,2MB        6.0.6783.0
Windows Mobile-Gerätecenter: Treiberupdate        Microsoft Corporation        29.09.2011        35,4MB        6.0.6783.0
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)        Nokia        18.11.2010                08/22/2008 7.0.0.0
Zahlenbuch 2                18.11.2009        108,4MB

kira 12.02.2012 12:17
4. und 5. bitte auch noch erledigen! :)

piranya 15.02.2012 17:02
war dabei aber hab nebenbei ne Prüfung geschrieben...

so nächster Schritt
[code]
GMER Logfile:
Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-02-15 16:59:29
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O
Running: ujo94itv.exe; Driver: C:\Users\FAMILI~1\AppData\Local\Temp\uxtyaaow.sys


---- System - GMER 1.0.15 ----

SSDT    908896AE                                                                                                                                            ZwCreateSection
SSDT    908896B8                                                                                                                                            ZwRequestWaitReplyPort
SSDT    908896B3                                                                                                                                            ZwSetContextThread
SSDT    908896BD                                                                                                                                            ZwSetSecurityObject
SSDT    908896C2                                                                                                                                            ZwSystemDebugControl
SSDT    9088964F                                                                                                                                            ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text  ntkrnlpa.exe!KeSetEvent + 215                                                                                                                        822B3998 4 Bytes  [AE, 96, 88, 90]
.text  ntkrnlpa.exe!KeSetEvent + 539                                                                                                                        822B3CBC 4 Bytes  [B8, 96, 88, 90]
.text  ntkrnlpa.exe!KeSetEvent + 56D                                                                                                                        822B3CF0 4 Bytes  [B3, 96, 88, 90]
.text  ntkrnlpa.exe!KeSetEvent + 5D1                                                                                                                        822B3D54 4 Bytes  [BD, 96, 88, 90]
.text  ntkrnlpa.exe!KeSetEvent + 619                                                                                                                        822B3D9C 4 Bytes  [C2, 96, 88, 90] {RET 0x8896; NOP }
.text  ...                                                                                                                                                 
?      System32\drivers\buwrttcw.sys                                                                                                                        Das System kann den angegebenen Pfad nicht finden. !
.text  C:\Windows\system32\DRIVERS\nvlddmkm.sys                                                                                                            section is writeable [0x8EE00340, 0x3E6A37, 0xE8000020]
.reloc  C:\Windows\system32\drivers\acehlp10.sys                                                                                                            section is executable [0x8EAAAB80, 0x37FC7, 0xE0000060]
.reloc  C:\Windows\system32\drivers\acedrv10.sys                                                                                                            section is executable [0x8A3B8000, 0x459C1, 0xE0000060]

---- User code sections - GMER 1.0.15 ----

.text  C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] kernel32.dll!SetUnhandledExceptionFilter                                                772AA8C5 5 Bytes  [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- User IAT/EAT - GMER 1.0.15 ----

IAT    C:\Windows\system32\wuauclt.exe[172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                    [000B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\wuauclt.exe[172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                          [000B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\wuauclt.exe[172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                            [000B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\wuauclt.exe[172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                [000B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\RtHDVCpl.exe[900] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                            [003B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\RtHDVCpl.exe[900] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                                  [003B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\RtHDVCpl.exe[900] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                    [003B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\RtHDVCpl.exe[900] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                        [003B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Power Manager\PM.exe[928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                              [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Power Manager\PM.exe[928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                    [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Power Manager\PM.exe[928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                      [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Power Manager\PM.exe[928] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                          [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Media Player\wmpnscfg.exe[1260] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                [002D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Media Player\wmpnscfg.exe[1260] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                      [002D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Media Player\wmpnscfg.exe[1260] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                        [002D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Media Player\wmpnscfg.exe[1260] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                            [002D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\Apoint.exe[1536] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                              [003B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\Apoint.exe[1536] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                    [003B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\Apoint.exe[1536] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                      [003B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\Apoint.exe[1536] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                          [003B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                              [002C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                  [002C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                    [002C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Real\RealPlayer\Update\realsched.exe[1728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                        [002C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE[1936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                              [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE[1936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                    [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE[1936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                      [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE[1936] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                          [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[2104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                    [001A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[2104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                          [001A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[2104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]            [001A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe[2104] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                [001A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[2256] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                      [00802F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[2256] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                            [00802D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[2256] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                              [00802CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE[2256] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                  [00802CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Defender\MSASCui.exe[2604] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                      [00192F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Defender\MSASCui.exe[2604] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                          [00192D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Defender\MSASCui.exe[2604] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                            [00192CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Defender\MSASCui.exe[2604] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                [00192CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[2748] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [02512F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[2748] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                          [02512D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[2748] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]            [02512CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe[2748] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                [02512CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[2976] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [01D42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[2976] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                            [01D42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[2976] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]              [01D42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe[2976] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                  [01D42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Hotkey Utility\tray.exe[3132] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                          [003C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Hotkey Utility\tray.exe[3132] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                [003C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Hotkey Utility\tray.exe[3132] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                  [003C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Hotkey Utility\tray.exe[3132] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                      [003C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\rundll32.exe[3240] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                  [000A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\rundll32.exe[3240] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [000A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\rundll32.exe[3240] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [000A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\rundll32.exe[3240] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [000A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Launch Pad\LaunchPad.exe[3252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                          [00392F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Launch Pad\LaunchPad.exe[3252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                              [00392D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Launch Pad\LaunchPad.exe[3252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                [00392CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Launch Pad\LaunchPad.exe[3252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                    [00392CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown]                                                                [73D57817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage]                                                                [73DAA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI]                                                            [73D5BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode]                                                      [73D4F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup]                                                                [73D575E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC]                                                              [73D4E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM]                                                  [73D88395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream]                                                    [73D5DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight]                                                            [73D4FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth]                                                              [73D4FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage]                                                              [73D471CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM]                                                      [73DDCAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile]                                                          [73D7C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics]                                                            [73D4D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree]                                                                      [73D46853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc]                                                                      [73D4687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode]                                                        [73D52AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18342_none_9e54f8aaca13c773\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                            [027B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                                [027B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                                  [027B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\Explorer.EXE[3384] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                      [027B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                          [00732F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                [00732D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                  [00732CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[3684] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                      [00732CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3704] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [01A42F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3704] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                            [01A42D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3704] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]              [01A42CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe[3704] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                  [01A42CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3856] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                  [003E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3856] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                        [003E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3856] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]          [003E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe[3856] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]              [003E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3888] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]          [002A2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3888] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                [002A2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3888] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]  [002A2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe[3888] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]      [002A2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\igfxsrvc.exe[3924] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                  [00922F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\igfxsrvc.exe[3924] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [00922D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\igfxsrvc.exe[3924] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [00922CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\igfxsrvc.exe[3924] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [00922CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Logitech\QuickCam\Quickcam.exe[3964] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                    [003B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Logitech\QuickCam\Quickcam.exe[3964] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                        [003B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Logitech\QuickCam\Quickcam.exe[3964] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                          [003B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Logitech\QuickCam\Quickcam.exe[3964] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                              [003B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\hkcmd.exe[3996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                      [003D2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\hkcmd.exe[3996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                          [003D2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\hkcmd.exe[3996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                            [003D2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\hkcmd.exe[3996] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                [003D2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\igfxpers.exe[4076] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                  [00372F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\igfxpers.exe[4076] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [00372D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\igfxpers.exe[4076] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [00372CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\igfxpers.exe[4076] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [00372CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\QuickTime\QTTask.exe[4252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                              [000E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\QuickTime\QTTask.exe[4252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                  [000E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\QuickTime\QTTask.exe[4252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                    [000E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\QuickTime\QTTask.exe[4252] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                        [000E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\pdf24\pdf24.exe[4276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                  [00D22F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\pdf24\pdf24.exe[4276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [00D22D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\pdf24\pdf24.exe[4276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [00D22CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\pdf24\pdf24.exe[4276] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [00D22CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4296] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [003C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4296] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                          [003C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4296] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]            [003C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe[4296] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                [003C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\iTunes\iTunesHelper.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                          [00902F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\iTunes\iTunesHelper.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                [00902D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\iTunes\iTunesHelper.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                  [00902CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\iTunes\iTunesHelper.exe[4304] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                      [00902CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Sidebar\sidebar.exe[4340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                      [000C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Sidebar\sidebar.exe[4340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                            [000C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Sidebar\sidebar.exe[4340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                              [000C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Sidebar\sidebar.exe[4340] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                  [000C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\ehome\ehtray.exe[4352] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                        [00222F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\ehome\ehtray.exe[4352] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                            [00222D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\ehome\ehtray.exe[4352] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                              [00222CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\ehome\ehtray.exe[4352] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                                  [00222CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4388] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                [002E2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4388] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                    [002E2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4388] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                      [002E2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Windows Live\Messenger\msnmsgr.exe[4388] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                          [002E2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [021C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                          [021C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]            [021C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                [021C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe[4436] @ C:\Windows\system32\NETAPI32.dll [PSAPI.DLL!GetModuleBaseNameW]                [759F159E] C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation)
IAT    C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe[4460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                  [00372F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe[4460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                        [00372D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe[4460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]          [00372CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe[4460] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]              [00372CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\ApMsgFwd.exe[4680] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                            [00262F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\ApMsgFwd.exe[4680] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                  [00262D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\ApMsgFwd.exe[4680] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                    [00262CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\ApMsgFwd.exe[4680] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                        [00262CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\OpenOffice.org 3\program\soffice.exe[4728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                              [011C2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\OpenOffice.org 3\program\soffice.exe[4728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                  [011C2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\OpenOffice.org 3\program\soffice.exe[4728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                    [011C2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\OpenOffice.org 3\program\soffice.exe[4728] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                        [011C2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\wbem\unsecapp.exe[5152] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                              [002B2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\wbem\unsecapp.exe[5152] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                  [002B2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\wbem\unsecapp.exe[5152] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                    [002B2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\wbem\unsecapp.exe[5152] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                        [002B2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\OpenOffice.org 3\program\soffice.bin[5184] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                              [01CE2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\OpenOffice.org 3\program\soffice.bin[5184] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                  [01CE2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\OpenOffice.org 3\program\soffice.bin[5184] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                    [01CE2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\OpenOffice.org 3\program\soffice.bin[5184] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                        [01CE2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\Apntex.exe[5320] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                              [00372F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\Apntex.exe[5320] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                    [00372D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\Apntex.exe[5320] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                      [00372CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Apoint2K\Apntex.exe[5320] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                          [00372CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[5552] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                      [01C82F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[5552] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                          [01C82D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[5552] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]            [01C82CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe[5552] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                [01C82CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\mobsync.exe[5912] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                    [001F2F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\mobsync.exe[5912] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [001F2D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\mobsync.exe[5912] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [001F2CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\System32\mobsync.exe[5912] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [001F2CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Users\Familie Caliebe\Desktop\ujo94itv.exe[17476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                    [00352F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Users\Familie Caliebe\Desktop\ujo94itv.exe[17476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                          [00352D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Users\Familie Caliebe\Desktop\ujo94itv.exe[17476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                            [00352CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Users\Familie Caliebe\Desktop\ujo94itv.exe[17476] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                [00352CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\conime.exe[18172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile]                                                    [00192F30] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\conime.exe[18172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose]                                                        [00192D00] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\conime.exe[18172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile]                                          [00192CA0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)
IAT    C:\Windows\system32\conime.exe[18172] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject]                                              [00192CD0] C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcInj.dll (Camera Helper Library./Logitech Inc.)

---- Registry - GMER 1.0.15 ----

Reg    HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001060d000f2 (not active ControlSet)                                                     
Reg    HKLM\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\001060d1bf38 (not active ControlSet)                                                     
Reg    HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d000f2                                                                         
Reg    HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d1bf38                                                                         
Reg    HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001060d000f2 (not active ControlSet)                                                     
Reg    HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001060d1bf38 (not active ControlSet)                                                     
Reg    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat                                                              0xBB 0xB2 0x1B 0xE6 ...

---- EOF - GMER 1.0.15 ----
--- --- ---

[\code]

piranya 15.02.2012 17:09
Code:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.0.6002 Disk: Hitachi_ rev.PB4O -> Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll ndis.sys NETw5v32.sys rdbss.sys
C:\Windows\system32\DRIVERS\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
C:\Windows\system32\DRIVERS\NETw5v32.sys Intel Corporation Intel® Wireless WiFi Link Adapter
1 ntkrnlpa!IofCallDriver[0x8224B912] -> \Device\Harddisk0\DR0[0x86762968]
3 CLASSPNP[0x8A9AC8B3] -> ntkrnlpa!IofCallDriver[0x8224B912] -> \Device\Ide\IAAStorageDevice-1[0x856D8028]
kernel: MBR read successfully
user & kernel MBR OK

piranya 15.02.2012 17:11
Ich denke ich hab jetzt alles gemacht. Bediene den Rechner im Moment auch nur hierfür.
LG
piranya

kira 16.02.2012 08:02
1.
Die alte Java-Versionen verbleiben auf dem PC...aus Sicherheitsgründen müssen entfernt werden,auch in Zukunft darauf achten!
deinstalliere:
Zitat:
Java(TM) 6 Update 22
2.
Wenn nicht bewusst installiert hast bzw nicht benötigst, kannst deinstallieren (unter Software):
Immer mehr Programme bringen eine Toolbar mit.(wie z.B. Google, Yaho,Messenger, Winamp, ICQ usw). Manche Zustimmung der User installiert, manche wieder ohne Wissen des Benutzers;) Viele davon sehr fehleranfällig und fressen eine Menge an Systemressourcen. Zur funktionstüchtigen Installation der jeweiligen Software ist Toolbar aber nicht notwendig, zudem die meisten modernen Browser mit vielen zusätzlichen Funktionen ausgestattet sind. Ausserdem die dazugehörigen Programme, funktionieren auch ohne...
- meiste Toolbars bzw Browserhelper wollen sich doch nur wichtig machen;)

3.
reinige dein System mit CCleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

4.
Zitat:
Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.15 08:01:46 | 000,000,113 | ---- | M] () - G:\Autorun.inf -- [ NTFS ]

:Commands
[purity]
[emptytemp]

5.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

6.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

7.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

8.
-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

piranya 16.02.2012 11:14
zu 4.:
Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File G:\Autorun.inf not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Familie Caliebe
->Temp folder emptied: 966300 bytes
->Temporary Internet Files folder emptied: 2450903 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9527686 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 12,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 02162012_110423

Files\Folders moved on Reboot...
File\Folder C:\Users\Familie Caliebe\AppData\Local\Temp\~DF444A.tmp not found!
File\Folder C:\Users\Familie Caliebe\AppData\Local\Temp\~DF44DC.tmp not found!
File\Folder C:\Users\Familie Caliebe\AppData\Local\Temp\~DF464D.tmp not found!
File\Folder C:\Users\Familie Caliebe\AppData\Local\Temp\~DF465B.tmp not found!
C:\Users\Familie Caliebe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\461HYYIU\109012-programm-webseite-anzeigen-trojaner-3[1].htm moved successfully.

Registry entries deleted on Reboot...

piranya 16.02.2012 11:36
OTL Logfile:
Code:
OTL logfile created on: 16.02.2012 11:15:52 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 49,99% Memory free
6,07 Gb Paging File | 4,38 Gb Available in Paging File | 72,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 15,44 Gb Free Space | 16,74% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 441,36 Gb Free Space | 94,76% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 327,71 Gb Free Space | 89,84% Space Free | Partition Type: NTFS
 
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.16 12:54:22 | 000,220,744 | ---- | M] (Geek Software GmbH) -- C:\Program Files\pdf24\pdf24.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.19 12:42:39 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.12 20:36:26 | 002,260,992 | ---- | M] (FIC) -- C:\Program Files\Launch Pad\LaunchPad.exe
PRC - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008.06.19 13:03:22 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
PRC - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe
PRC - [2008.05.08 06:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008.04.20 17:30:16 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.03.14 12:09:56 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008.01.22 19:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.10.29 13:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007.10.04 17:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.01.27 10:13:37 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.12.21 20:09:26 | 000,016,832 | ---- | M] () -- C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll
MOD - [2008.06.19 13:14:12 | 000,107,280 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.dll
MOD - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2008.06.19 13:05:28 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
MOD - [2008.06.19 13:05:04 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
MOD - [2008.06.19 13:04:54 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
MOD - [2008.06.19 13:04:08 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll
MOD - [2008.06.19 13:03:56 | 000,344,336 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
MOD - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
MOD - [2008.06.01 19:44:20 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe
MOD - [2005.07.22 20:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010.09.29 09:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.08.21 15:24:02 | 000,070,336 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2008.06.01 19:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.01.24 11:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.01.24 11:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.02.15 21:47:54 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.12.10 15:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.12.09 14:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.17 17:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.01 19:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC)
DRV - [2008.06.01 19:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.06.01 19:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2008.06.01 19:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008.05.27 12:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.05.01 07:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.15 16:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008.04.03 13:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008.03.25 15:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008.03.25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008.03.19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.01.23 10:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.01.22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007.11.29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.10.18 13:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.02 10:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.07.27 11:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007.07.27 09:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007.01.04 19:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System | Running] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2005.01.07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.11.19 12:42:59 | 000,000,000 | ---D | M]
 
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.01.09 11:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
 
O1 HOSTS File: ([2011.07.15 03:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F1352B-26BE-42F8-A68D-EFC7DA290643}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.16 10:48:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.16 10:48:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.16 10:48:09 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.16 10:48:09 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.16 10:48:09 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.16 10:48:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.16 10:48:09 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.16 10:48:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.16 10:48:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.16 10:48:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.16 10:48:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.16 10:48:08 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.16 10:48:08 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.16 10:48:08 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.16 10:48:08 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.16 10:48:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.16 10:48:08 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.16 10:48:08 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.16 10:48:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.16 10:48:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.16 10:48:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.16 10:48:08 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.16 10:48:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.16 10:48:07 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.16 10:48:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.16 10:48:07 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.16 10:48:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.16 10:48:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.16 10:48:07 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.16 10:48:06 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.16 10:48:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.16 10:48:06 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.16 10:48:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.16 10:48:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.16 10:48:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.16 10:48:06 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.16 10:48:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.16 10:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.02.15 17:04:18 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.02.11 12:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.11 12:05:27 | 003,587,688 | ---- | C] (Piriform Ltd) -- C:\Users\Familie Caliebe\Desktop\ccsetup315.exe
[2012.02.11 11:32:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
[2012.02.11 02:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.11 02:36:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.10 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\Malwarebytes
[2012.02.10 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.10 22:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.10 22:11:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.08 16:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.02.08 16:58:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.08 15:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.02.03 18:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012.02.03 15:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24
[2012.02.01 17:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.01 17:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.01 17:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.16 11:08:51 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.02.16 11:07:58 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.02.16 11:07:17 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.16 11:07:16 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.16 11:07:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.16 11:06:32 | 3150,782,464 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.16 11:05:16 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.16 10:48:23 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.02.16 10:48:23 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.02.16 10:48:10 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.16 10:48:10 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.16 10:48:09 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.16 10:48:09 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.16 10:48:09 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.16 10:48:09 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.16 10:48:09 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.16 10:48:09 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.16 10:48:09 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.16 10:48:09 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.16 10:48:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.16 10:48:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.16 10:48:08 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.16 10:48:08 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.16 10:48:08 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.16 10:48:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.16 10:48:08 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.16 10:48:08 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.16 10:48:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.16 10:48:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.16 10:48:08 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.02.16 10:48:08 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.16 10:48:08 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.16 10:48:07 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.16 10:48:07 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.16 10:48:07 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.16 10:48:07 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.16 10:48:07 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.16 10:48:07 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.16 10:48:07 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.16 10:48:06 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.16 10:48:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.16 10:48:06 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.16 10:48:06 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.16 10:48:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.16 10:48:06 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.16 10:48:06 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.16 10:48:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.16 10:45:39 | 000,359,908 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\cc_20120216_104503.reg
[2012.02.16 08:17:46 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.16 08:17:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.16 08:17:46 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.16 08:17:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.16 03:28:13 | 000,417,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.15 23:42:36 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
[2012.02.15 21:47:54 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.02.15 17:03:58 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe
[2012.02.15 17:03:58 | 000,089,088 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\mbr.exe
[2012.02.11 12:13:16 | 000,302,592 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\ujo94itv.exe
[2012.02.11 12:05:37 | 003,587,688 | ---- | M] (Piriform Ltd) -- C:\Users\Familie Caliebe\Desktop\ccsetup315.exe
[2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
[2012.02.03 19:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2012.02.01 10:31:07 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk
[2012.02.01 10:31:07 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2012.02.16 10:48:08 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.02.16 10:45:24 | 000,359,908 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\cc_20120216_104503.reg
[2012.02.15 17:05:20 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe
[2012.02.15 17:03:18 | 000,089,088 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\mbr.exe
[2012.02.11 12:13:12 | 000,302,592 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\ujo94itv.exe
[2012.02.10 21:47:55 | 3150,782,464 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.24 16:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini
[2011.11.22 08:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2011.11.22 08:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2011.11.22 08:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2011.11.22 08:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2011.11.22 08:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2011.11.22 08:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2011.10.14 02:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.05.16 15:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
[2011.04.28 19:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.16 18:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.01.16 18:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.11.21 21:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png
[2010.05.08 18:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009.09.24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.08.31 19:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2009.08.05 09:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.07.19 14:56:48 | 000,049,152 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.14 13:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.07.14 13:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat
[2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.08.13 14:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008.08.13 14:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008.08.13 14:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008.08.13 14:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.06.01 19:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008.04.25 13:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008.04.09 10:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.09 10:14:36 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.09 10:14:36 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.09 10:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.12.21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.04.21 09:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001.10.10 07:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll
[2001.10.10 07:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll
[2001.03.07 07:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll
 
========== LOP Check ==========
 
[2011.04.15 15:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon
[2010.11.22 00:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer
[2012.02.16 11:15:51 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox
[2010.12.09 17:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter
[2009.09.20 16:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0
[2009.10.19 20:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe
[2009.09.18 15:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView
[2011.12.14 10:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes
[2011.11.15 08:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks
[2009.08.04 10:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware
[2011.12.10 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer
[2011.04.27 20:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia
[2010.06.07 13:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape
[2011.01.27 10:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org
[2010.11.19 13:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite
[2009.09.20 23:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet
[2011.11.25 18:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg
[2011.05.12 22:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion
[2011.07.14 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer
[2009.07.14 13:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template
[2010.11.22 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom
[2009.11.09 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs
[2012.02.16 11:05:16 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.02.15 23:42:36 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A7F9B16A-C732-41E9-A0B1-7D81B56A73FD}.job
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---


[/code]
OTL Logfile:
Code:
OTL Extras logfile created on: 16.02.2012 11:15:52 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,47 Gb Available Physical Memory | 49,99% Memory free
6,07 Gb Paging File | 4,38 Gb Available in Paging File | 72,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 15,44 Gb Free Space | 16,74% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 441,36 Gb Free Space | 94,76% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 327,71 Gb Free Space | 89,84% Space Free | Partition Type: NTFS
 
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028B4C32-C2D9-4394-902F-B9142219333C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{04F92F9A-138C-42BC-921A-6E929B789ACE}" = lport=139 | protocol=6 | dir=in | app=system |
"{0CF2E451-41AC-4B16-B11E-81C4D558ADF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0F94B7EE-08A7-49B0-916F-DBEBF25DF505}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14B0B50E-0819-4BBD-84A1-F51E92743180}" = lport=138 | protocol=17 | dir=in | app=system |
"{177BBE08-15EF-4FFF-88EB-3E17CA93AFE0}" = rport=445 | protocol=6 | dir=out | app=system |
"{399FDB8C-5179-42B2-A847-F738A011EA7D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D2C6B5F-2B58-4FF8-995D-7B8DCC4AFA97}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4BB8119E-E588-4963-B0F7-667AA204AF76}" = rport=137 | protocol=17 | dir=out | app=system |
"{4C864EF2-4DB2-4AD5-829C-BAA34CA3F038}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4F230D45-7BEE-498C-85F3-091CC6D56780}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{529CD8FE-D9D3-46B8-8E7A-B6C8BA20C872}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56E53D23-9C46-4171-B4BD-EFEFDE2DBCA6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FC96C63-4C16-45BD-AD48-836411891633}" = lport=137 | protocol=17 | dir=in | app=system |
"{61357620-41F8-48DD-AFFD-228457F83830}" = lport=10243 | protocol=6 | dir=in | app=system |
"{692D14CA-E8EA-4C5D-B2C8-4E124BE5ABC0}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{74C16965-AF24-48D7-B913-7A95C4B7A475}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8248A5D1-C496-4E05-AF87-7119575749AE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8345D527-2093-4C85-B5B9-DC13EF97E7CE}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8DF2E9DE-924C-48D9-A533-910B82DAD3F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F631649-75FD-476B-A8CA-F08361146E6D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90F60FA8-7C36-4BC7-B476-A76F1CA349F8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{97A07EDA-C778-485D-8250-2B9526CD87A1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ADC075BE-47C4-4E1C-A951-89C496952C3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEBCB133-9BA5-4C3A-8BC5-7408E0096418}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B157AC96-138D-42F7-9D03-1BD53F3AECEE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B16315F2-2295-4409-826B-EB0C60194D4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B787F7C8-758E-4D0B-AF40-4D0E936A6A40}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9EC8EB4-BAFD-4FC1-86E3-7E809FF82DF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C75F07D7-7439-4878-9700-FD62FB9ECB4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C793794A-107A-466E-B0F5-044E487FF23F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{D4ECD863-4A9F-4CCC-A9DD-C95B8FE51F0C}" = rport=138 | protocol=17 | dir=out | app=system |
"{D81FE3F8-4BF9-4559-93B1-99B5F11296EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E3A2B235-5E7E-41DE-8387-46E14FA5C8DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E3B52225-2D40-45DD-A1C6-344AE1ADB81B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EF823FEB-C81D-41FD-B2DB-2710D38C6451}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{EF8868C3-56E3-431F-A11B-766A1E15DE42}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F7E23D1C-F8DD-4FC6-8C12-18A78E2EE947}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FEF35F35-6B6E-4285-89AB-15789297896F}" = rport=139 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16CFECE3-6272-40FB-AC9F-6E6884EFD3F1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1CA5A966-6291-4188-86E8-C00AF13ECD63}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2C29F314-74C9-4645-A2AB-4BDAA7ACB000}" = protocol=6 | dir=out | app=system |
"{39BFA96F-2ED4-4B36-B4C8-47D40FAC1EA8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{400B3FCA-0462-4A41-A488-667BE7300515}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{53A783E9-71AA-49C6-BD46-B20324A38E94}" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{5A6464F6-6CCB-4BB3-B009-1B73CC55E515}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5BD806D7-EE42-4989-AFE3-874512F1DA7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5C0ACF25-5B53-4527-9C5A-3DDBD2095673}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5CE22F28-378D-401F-BBC1-259DF989CA9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63920450-A1B2-4B2C-9F3E-AE7202AC6EAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6915F986-0CF0-4252-8CAB-AFA6862DD3CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7135FA55-D064-47C0-92B5-E9FCDB97D550}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73DBF261-8B04-4232-9CC0-3A2228604DB6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{783B9F82-EBCF-4356-9721-871AF9B48EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7BD13045-E407-4990-8AFB-C46B6BB72D35}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{83867EC9-0C61-4457-914A-618BA58C8DAF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84FC65AC-3E38-4200-9616-1E907C8EEFEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8795D016-BA9E-48B7-A82C-74BAFCF420EC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{8D81974A-7E85-4B63-BDBE-D1C7F581150E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E09A290-C25D-47FA-9A86-A76DF1BFB6C2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{95EDE25A-A91A-4AD6-870B-45486836220C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98B9728F-D9CC-4900-AEB7-D732AE63DE4D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{9E6F1110-EDAC-421F-B014-E8017C3C09FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A571B085-7546-453C-9725-9451132E1348}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A945F80E-19B0-44E5-9D84-64B55D1C9357}" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{B785D447-A5FD-4085-8A20-E6A2A1E98237}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BB970AD3-2015-421D-908A-603B3B44452F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC909859-9709-48C2-8BEC-A1A4D49BA1F3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DDB96144-E043-4151-BE55-68856F397BD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E82D08A7-FE1F-47F8-95AC-6F0A7EAB25C8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EDE2310D-B442-416F-8C6D-96C4938DC523}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F34D272E-9668-447D-A99C-0171C0BA3F39}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8694076-8ED2-4F50-A017-ECBFC033E2EB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FE627DAE-22D5-467F-BF75-5F501F6FE7E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1E1C8E01-4AEF-4C56-899C-1F7C459F9BA9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5609AF03-403E-4DE3-86F7-B00CB7A481E5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{6BF93385-690E-4499-801D-1078C3703FA1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{98F3BF9B-15FA-4422-8583-8976FE9272A9}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B078E111-3752-49D8-BE05-196EC7484287}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"TCP Query User{BA5CA1E8-95E3-4CC8-B169-1A189813514E}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{CC4C04DA-F5A4-4241-BA10-350903397661}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3F29293B-5D3C-45AD-8614-A9E483ABC3A6}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"UDP Query User{464AC7C3-7144-49B9-B6F2-1AAC3E68BDB8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6FF4DEB1-1A1D-4ADD-AE18-DBC082FFEC37}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{DE671AA4-6E71-430D-AD1A-FE34A34417D8}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{E0922CB7-D8F9-4A3F-A2B4-1201D6D809A8}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{EC9D70E0-90EE-47D0-837B-258412B13D92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FFC939BE-D69D-4FE6-A423-41A311E2FBFF}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08.02.2011 08:14:01 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:14:01 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:14:01 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:14:03 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:14:07 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 08:14:07 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 08.02.2011 16:03:58 | Computer Name = FamCaliebe-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.18999 arbeitet nicht mehr
mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen.  Prozess-ID: 1d74  Anfangszeit: 01cbc78b727522d0  Zeitpunkt
 der Beendigung: 20
 
Error - 09.02.2011 15:07:48 | Computer Name = FamCaliebe-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 09.02.2011 15:08:04 | Computer Name = FamCaliebe-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll".
Die
 abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 09.02.2011 15:09:17 | Computer Name = FamCaliebe-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung NokiaOviSuite.exe, Version 2.2.0.245, Zeitstempel
 0x4c2da5db, fehlerhaftes Modul QtCore4.dll, Version 4.6.1.0, Zeitstempel 0x4b701363,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0001a698,  Prozess-ID 0x1014, Anwendungsstartzeit
 01cbc88ca52afdd7.
 
[ OSession Events ]
Error - 05.05.2010 10:55:45 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 948
 seconds with 900 seconds of active time.  This session ended with a crash.
 
Error - 27.01.2011 06:03:18 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 10522 seconds with 120 seconds of active time.  This session ended with a
 crash.
 
Error - 18.02.2011 04:04:41 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 64754
 seconds with 6660 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 11.02.2012 07:18:20 | Computer Name = FamCaliebe-PC | Source = Ntfs | ID = 262199
Description = Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen
 Sie chkdsk auf Volume "SYSTEM" aus.
 
Error - 15.02.2012 22:25:07 | Computer Name = FamCaliebe-PC | Source = DCOM | ID = 10010
Description =
 
Error - 15.02.2012 22:33:57 | Computer Name = FamCaliebe-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 16.02.2012 04:46:36 | Computer Name = FamCaliebe-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.35 für die Netzwerkkarte mit der Netzwerkadresse
 00140B6445F7 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
Error - 16.02.2012 05:59:16 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 16.02.2012 05:59:17 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 16.02.2012 06:00:29 | Computer Name = FamCaliebe-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
Error - 16.02.2012 06:04:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7034
Description =
 
Error - 16.02.2012 06:04:25 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7034
Description =
 
Error - 16.02.2012 06:11:30 | Computer Name = FamCaliebe-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
 
 
< End of report >
--- --- ---

[/code]

piranya 16.02.2012 13:37
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 02/16/2012 at 01:17 PM

Application Version : 5.0.1144

Core Rules Database Version : 8249
Trace Rules Database Version: 6061

Scan type      : Complete Scan
Total Scan Time : 01:25:24

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 919
Memory threats detected  : 0
Registry items scanned    : 38657
Registry threats detected : 0
File items scanned        : 156019
File threats detected    : 15

Adware.Tracking Cookie
        C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\DBYW7PQ4.txt [ /2o7.net ]
        C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\IHK9LH8W.txt [ /atdmt.com ]
        C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\F37FOZQ0.txt [ /adfarm1.adition.com ]
        C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\2QU31VTP.txt [ /apmebf.com ]
        C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\B13QUEAR.txt [ /ad.yieldmanager.com ]
        C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\ZSMPFFZS.txt [ /fl01.ct2.comclick.com ]
        C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Cookies\M3HSF171.txt [ /ads.creative-serving.com ]
        C:\USERS\FAMILIE CALIEBE\AppData\Roaming\Microsoft\Windows\Cookies\familie_caliebe@www.google[2].txt [ Cookie:familie caliebe@www.google.com/accounts ]
        C:\USERS\FAMILIE CALIEBE\AppData\Roaming\Microsoft\Windows\Cookies\0QAAFLC4.txt [ Cookie:familie caliebe@google.com/accounts/ ]
        C:\USERS\FAMILIE CALIEBE\Cookies\DBYW7PQ4.txt [ Cookie:familie caliebe@2o7.net/ ]
        C:\USERS\FAMILIE CALIEBE\Cookies\familie_caliebe@www.google[2].txt [ Cookie:familie caliebe@www.google.com/accounts ]
        C:\USERS\FAMILIE CALIEBE\Cookies\F37FOZQ0.txt [ Cookie:familie caliebe@adfarm1.adition.com/ ]
        C:\USERS\FAMILIE CALIEBE\Cookies\2QU31VTP.txt [ Cookie:familie caliebe@apmebf.com/ ]
        C:\USERS\FAMILIE CALIEBE\Cookies\B13QUEAR.txt [ Cookie:familie caliebe@ad.yieldmanager.com/ ]
        C:\USERS\FAMILIE CALIEBE\Cookies\0QAAFLC4.txt [ Cookie:familie caliebe@google.com/accounts/ ]

piranya 16.02.2012 18:02
Also dieser online scan hat auch was gefunden ....
hier der log

Code:
C:\Program Files\VistaCodecPack\Tools\renderer32.exe        Win32/Packed.Autoit.E.Gen application        deleted - quarantined
C:\ProgramData\VistaCodecs\{CE8A1292-3EE0-42E0-9C78-DB078E7165F2}\Vista Codec Package.msi        Win32/Packed.Autoit.E.Gen application        deleted - quarantined

kira 17.02.2012 21:19
► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

piranya 19.02.2012 23:01
Hey, ich bin dabei sämtliche Programme durchzutesten.

Internet geht einwandfrei. Hochfahren des Rechners geht auch ohne Probleme.

Bis jetzt: Mein Excel ist zerschossen. Ich habe aber nicht alle Programme durch.

Ansonsten sind die Gründe für das Dilemma im Griff.

Jetzt stellt sich nur die Frage wie kann ich meinen Rechner schützen vor künftigen Angriffen?

LG
piranya

kira 20.02.2012 15:06
Zitat:
Zitat von piranya (Beitrag 777221)
Jetzt stellt sich nur die Frage wie kann ich meinen Rechner schützen vor künftigen Angriffen?
man kann nur hoffen! aber...

Privatsphäre, und mehr Sicherheit:

Man darf nicht denken oder glauben, das ein Antivirus und eine Firewall installiert sind und gut ist!

Zitat:
► Ein Anti-Viren-Programm bzw. Spezial-Tool, kann nur vor jenen Viren schützen (oder zumindest erkennen), die es auch kennt. Leider sehr oft Virenprogrammierer sind schneller auf dem Markt mit ihrem Produkt als Antivirenprogrammierer mit dem Gegenmittel. Es ist daher ganz natürlich, dass vom Zeitpunkt des Auftretens eines neuen Virus eine bestimmte Zeit vergeht,bis der Antivirenhersteller ein Gegenmittel in Form von Virendefinitionsfiles bereithält.;)
100%ige Sicherheit kann es nie geben, aber man kann einige offene Scheunentore schließen, um sich zu schützen. Wie bei den Fußball... es handelt sich um das kollektive Vorgehen gegen Malware. Jeder Benutzer muss dazu beitragen, die Computersicherheit von Windows weiter zu verstärken:
  • Software immer auf dem neuesten Stand halten!:[/u]
    ALLE auf dem System installierten Programme und Treiber, sollten regelmäßig upgedatet werden um Sicherheitslücken zu vermeiden und um das reibungslose Arbeitsabläufe zu erreichen!
  • NICHT mit einem "Administrator"-Konto im Internet surfen!
    -> Benutzerkonten in Windows XP - Teil 1: Neue Benutzerkonten anlegen ->eingeschränkten Benutzerkonto
  • Ein sicheres Passwort benutzen (sinnvollerweise mindestens 8 Stellen. - Groß- und Kleinbuchstaben, Zahlen und Sonderzeichen)
    -> Die sichere Passwort-Wahl - (Empfehlenswert in regelmäßigen Abständen ca. alle 3-5 Monate ändern)
    -> auch noch hier unter: Sicheres Kennwort (Password)
    -> Die fünf häufigsten Passwort-Fehler
  • Einen sicheren Browser (mit nützliche Erweiterungen kann ergänzt werden, wie z.B. "Adblock Plus") als Internet Explorer verwenden (auch sicher konfigurieren)
    -> Firefox - Erweiterungen für Firefox[/b]
    -> Opera
  • Ein sicheres Mailprogramm verwenden (auch sicher konfigurieren), auf Outlook und Outlook Express verzichten
    -> Sichere eMail Clients z.B. Thunderbird-->Erweiterungen für Mozilla Thunderbird[/color][/b][/size]
  • Besuch von Warez Seiten vermeiden (auf Filesharing-Software, Crack, Serial, Keygens verzichten, um sich eine Raubkopie zu besorgen)
    ► Ausserdem machst Du dich damit strafbar!
  • Mails mit unbekanntem Absender und/oder unzutreffender Betreffzeile nicht öffnen ("besonders aufpassen" mit schlechtem Deutsch, oder in Englisch verfasstes Mails)
  • Verdächtige Links im Chat-Programm nicht anklicken/öffnen ("besonders aufpassen" mit schlechtem Deutsch geschriebenen, oder einen in Englisch verfassten Text)
  • Programme und Treiber nur von Herstellerseite!
  • Während des Installationsprozesses, die Lizenzvereinbarung unbedingt lesen!:
    Verzichte möglichst auf zusätzlich angebotene Programme, Erweiterungen wie z.B. Toolbars etc! Es soll möglich sein den Haken, durch Klick auf das Kästchen zu entfernen
    Aus finanzielle Interessen (durch Sponsoren), werden oft Adware , sog. Partnerprogramme, div. Browserhelper, Toolbars und andere unnütze Programme, mit oder ohne ausdrückliches Einverständnis des Users "mitinstalliert" oder angeboten. Prüfe in regelmäßigen Abständen alle auf dem System installierten Programme und im Browser die "Erweiterungen, nicht zulätzt deine bevorzugte Webseite als Startseite!
    -> Neuste Betrugsprogramme-> Was sind Rogue Antivirenprogramme?/Rogue Antivirus. Wikipedia
  • Mein Antivirus Programm gibt eine Warnung aus - War das jetzt ein Fehlaram oder eine echte Trojanermeldung?
    Funde nie gleich löschen lassen, sondern "Verweigern" oder Quarantäne wählen!
    - Danach unter Eigenschaften nach Herkunft schauen, und bei Virustotal prüfen lassen um eine zweite Meinung einzuholen
    - Für weitere Vorgehen erkundige dich lieber bei Fachleuten!
  • Datensicherung/Vorbeugung - Malwarebefall & wenn Windows nicht mehr hochkommt:
    Eine regelmäßige Datensicherung erleichtert nicht nur ein eventuell notwendig gewordenes Neuaufsetzen des Systems nach einem Malwarebefall sondern beugt auch dem Datenverlust durch defekte Festplatten vor. Das System kann auf verschiedenster Art manipuliert worden sein, Malware kann von gehackten Webseiten kommen, über USB-Sticks und MP3-Player von Freunden, gebrannten CD´s usw. und das "Böse" muss auch nicht erst seit heute auf dem Rechner sein! Erstelle ein Backup nur, wenn der Rechner absolut 100%ig sauber ist! Eventuell Lass dich vorher fachmännisch beraten.
  • Onlinebanking:
    Gib deine Passwörter niemals preis!
    Seriöse Bankinstitute, E- Mail- Provider oder Online- Shops versenden grundsätzlich keine E- Mails, in denen Kunden aufgefordert werden, vertrauliche Daten wie Passwörter, Verfügernummer, PINs oder TANs preiszugeben. Bei dieser Art von E- Mails handelt es sich immer um Betrugsversuche, weshalb entsprechende Anfragen nicht beantwortet werden sollten. Sobald der Verdacht auf Betrug entsteht, melde deinen Verdacht der jeweiligen Bank- Hotline.

zur Nachkontrolle:

erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

piranya 23.02.2012 16:06
Hi Kira, nachdem ich versucht hab mein excel zu deinstallieren endete alles in einer Neuinstallation des ganzen Office Pakets und ich bin mir nicht so sicher, ob das so gut war. Ich werde meine Daten auf eine Partition ziehen, von dort ein backup machen und meinen Rechner Platt machen, sicher ist sicher.

Hier nochmal die OTL files:

OTL Logfile:
Code:
OTL logfile created on: 23.02.2012 15:51:20 - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 50,46% Memory free
6,07 Gb Paging File | 3,53 Gb Available in Paging File | 58,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 19,11 Gb Free Space | 20,72% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 439,20 Gb Free Space | 94,30% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 326,85 Gb Free Space | 89,61% Space Free | Partition Type: NTFS
 
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.15 00:03:14 | 024,246,216 | ---- | M] (Dropbox, Inc.) -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
PRC - [2012.01.20 19:16:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.16 12:54:22 | 000,220,744 | ---- | M] (Geek Software GmbH) -- C:\Program Files\pdf24\pdf24.exe
PRC - [2011.10.11 14:00:02 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011.07.27 04:06:16 | 013,002,608 | ---- | M] (Microsoft Corporation) -- C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
PRC - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.19 12:42:39 | 000,274,608 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.12 20:36:26 | 002,260,992 | ---- | M] (FIC) -- C:\Program Files\Launch Pad\LaunchPad.exe
PRC - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
PRC - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2008.06.19 13:03:22 | 000,407,824 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
PRC - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe
PRC - [2008.05.08 06:19:26 | 006,139,904 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2008.04.20 17:30:16 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.03.14 12:09:56 | 002,938,184 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2008.01.22 19:13:08 | 000,288,072 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.10.29 13:30:14 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007.10.04 17:39:42 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PRC - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006.11.02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.17 10:47:15 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012.02.17 10:47:12 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012.02.16 11:49:45 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012.02.16 11:49:45 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011.10.05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.01.27 10:13:37 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009.08.17 22:54:46 | 000,136,520 | ---- | M] () -- C:\PROGRA~1\MICROS~2\Office12\OUTLCTL.DLL
MOD - [2008.10.26 04:42:14 | 000,065,376 | ---- | M] () -- C:\PROGRA~1\MICROS~2\Office12\ADDINS\COLLEA~1.DLL
MOD - [2008.06.19 13:14:12 | 000,107,280 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\LAppRes.dll
MOD - [2008.06.19 13:07:44 | 002,184,464 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\Quickcam.exe
MOD - [2008.06.19 13:05:28 | 000,149,264 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
MOD - [2008.06.19 13:05:04 | 000,165,136 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
MOD - [2008.06.19 13:04:54 | 000,138,000 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
MOD - [2008.06.19 13:04:08 | 000,167,184 | ---- | M] () -- C:\Program Files\Logitech\QuickCam\EFVal.dll
MOD - [2008.06.19 13:03:56 | 000,344,336 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
MOD - [2008.06.19 13:03:46 | 000,563,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
MOD - [2008.06.05 23:42:14 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
MOD - [2008.06.01 19:44:20 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2008.05.22 18:10:10 | 001,675,264 | ---- | M] () -- C:\Program Files\Power Manager\PM.exe
MOD - [2006.10.27 14:35:18 | 000,436,512 | ---- | M] () -- C:\PROGRA~1\MICROS~2\Office12\ADDINS\UMOUTL~1.DLL
MOD - [2005.07.22 20:30:18 | 000,065,536 | ---- | M] () -- C:\Windows\System32\TosCommAPI.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Programmchen\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.07.08 21:32:14 | 000,666,696 | ---- | M] (Juniper Networks) [Auto | Running] -- C:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService)
SRV - [2010.09.29 09:57:46 | 000,616,448 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.04.05 20:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2009.11.13 12:31:14 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009.08.21 15:24:02 | 000,070,336 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2008.06.01 19:47:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008.06.01 19:45:40 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.06.01 19:43:58 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008.04.25 13:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008.04.20 17:30:20 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.09.28 15:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007.01.24 11:21:24 | 000,375,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.01.24 11:21:14 | 000,177,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.02.15 21:47:54 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.12.10 15:05:49 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.10.11 14:00:01 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 14:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.12.09 14:10:40 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dsNcAdpt.sys -- (dsNcAdpt)
DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.17 17:41:00 | 007,611,616 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.01 19:46:36 | 003,644,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) 1.3 MP Webcam(UVC)
DRV - [2008.06.01 19:45:06 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.06.01 19:44:54 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2008.06.01 19:43:24 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2008.05.27 12:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.05.01 07:35:54 | 003,660,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.15 16:17:18 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008.04.03 13:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008.03.25 15:24:22 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008.03.25 12:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2008.03.19 10:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008.01.23 10:19:44 | 000,171,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2008.01.22 19:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2007.11.29 08:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007.10.18 13:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007.10.02 10:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.07.27 11:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007.07.27 09:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007.01.04 19:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | System | Running] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2005.01.07 04:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 19 50 DC 43 B5 C1 CB 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Familie Caliebe\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.11.19 12:42:59 | 000,000,000 | ---D | M]
 
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie Caliebe\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011.01.09 11:56:48 | 000,000,000 | ---D | M] (Long Titles) -- C:\PROGRAM FILES\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
 
O1 HOSTS File: ([2011.07.15 03:39:13 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [LaunchPad] C:\Program Files\Launch Pad\LaunchPad.exe (FIC)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Programmchen\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Familie Caliebe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} https://picasaweb.google.com/s/v/71.25/uploader2.cab (UploadListView Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} hxxp://www.o2c.de/download/o2cplayer.cab (o2c Player (ELECO Software GmbH))
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://213.146.232.238/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://vpn-split.kit.edu/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74F1352B-26BE-42F8-A68D-EFC7DA290643}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB303501-7B79-4119-B373-F5AF1B598B00}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.21 15:21:35 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2012.02.21 14:55:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.02.16 14:17:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.02.16 11:49:29 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\SUPERAntiSpyware.com
[2012.02.16 11:48:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.02.16 11:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.02.16 11:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.02.16 10:48:10 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.16 10:48:10 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.16 10:48:09 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.16 10:48:09 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.16 10:48:09 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.16 10:48:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.16 10:48:09 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.16 10:48:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.16 10:48:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.16 10:48:09 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.16 10:48:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.16 10:48:08 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.16 10:48:08 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.16 10:48:08 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.16 10:48:08 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.16 10:48:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.16 10:48:08 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.16 10:48:08 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.16 10:48:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.16 10:48:08 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.16 10:48:08 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.16 10:48:08 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.16 10:48:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.16 10:48:07 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.16 10:48:07 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.16 10:48:07 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.16 10:48:07 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.16 10:48:07 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.16 10:48:07 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.16 10:48:06 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.16 10:48:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.16 10:48:06 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.16 10:48:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.16 10:48:06 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.16 10:48:06 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.16 10:48:06 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.16 10:48:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.16 10:36:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.02.15 17:04:18 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.02.11 12:06:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.02.11 12:05:27 | 003,587,688 | ---- | C] (Piriform Ltd) -- C:\Users\Familie Caliebe\Desktop\ccsetup315.exe
[2012.02.11 11:32:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
[2012.02.11 02:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.02.11 02:36:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012.02.11 02:36:15 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012.02.10 22:11:43 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Roaming\Malwarebytes
[2012.02.10 22:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.10 22:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.10 22:11:30 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.08 16:58:25 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012.02.08 16:58:16 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.02.08 15:05:53 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.02.03 18:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\InetAccelerator
[2012.02.03 15:35:11 | 000,000,000 | ---D | C] -- C:\Users\Familie Caliebe\AppData\Local\PDF24
[2012.02.01 17:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.01 17:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.01 17:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.23 15:46:01 | 000,050,688 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.23 15:16:49 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.23 15:16:49 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.23 10:31:15 | 000,001,000 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\Dropbox.lnk
[2012.02.23 10:31:15 | 000,000,980 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.02.22 11:10:06 | 000,000,680 | RHS- | M] () -- C:\Users\Familie Caliebe\ntuser.pol
[2012.02.20 13:16:56 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.02.20 13:16:55 | 000,050,725 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.02.20 13:16:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.17 11:02:29 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.17 11:02:29 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.17 11:02:29 | 000,127,464 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.17 11:02:29 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.17 10:45:19 | 3150,782,464 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.17 00:47:14 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.17 00:22:36 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2012.02.16 14:30:13 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012.02.16 10:48:23 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.02.16 10:48:23 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.02.16 10:48:10 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.16 10:48:10 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.16 10:48:09 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.16 10:48:09 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.16 10:48:09 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.16 10:48:09 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.16 10:48:09 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.16 10:48:09 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.16 10:48:09 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.16 10:48:09 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.16 10:48:09 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.16 10:48:08 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.16 10:48:08 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.16 10:48:08 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.16 10:48:08 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.16 10:48:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.16 10:48:08 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.16 10:48:08 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.16 10:48:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.16 10:48:08 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.16 10:48:08 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.02.16 10:48:08 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.16 10:48:08 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.16 10:48:07 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.16 10:48:07 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.16 10:48:07 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.16 10:48:07 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.16 10:48:07 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.16 10:48:07 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.16 10:48:07 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.16 10:48:06 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.16 10:48:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.16 10:48:06 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.16 10:48:06 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.16 10:48:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.16 10:48:06 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.16 10:48:06 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.16 10:48:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.16 10:45:39 | 000,359,908 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\cc_20120216_104503.reg
[2012.02.16 03:28:13 | 000,417,312 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.15 21:47:54 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.02.15 17:03:58 | 000,089,088 | ---- | M] () -- C:\Windows\System32\mbr.exe
[2012.02.15 17:03:58 | 000,089,088 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\mbr.exe
[2012.02.11 12:13:16 | 000,302,592 | ---- | M] () -- C:\Users\Familie Caliebe\Desktop\ujo94itv.exe
[2012.02.11 12:05:37 | 003,587,688 | ---- | M] (Piriform Ltd) -- C:\Users\Familie Caliebe\Desktop\ccsetup315.exe
[2012.02.11 11:32:14 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Familie Caliebe\Desktop\OTL.exe
[2012.02.03 19:03:49 | 000,002,032 | ---- | M] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2012.01.29 05:10:42 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
 
========== Files Created - No Company Name ==========
 
[2012.02.22 11:04:51 | 000,000,680 | RHS- | C] () -- C:\Users\Familie Caliebe\ntuser.pol
[2012.02.17 00:22:36 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.02.16 14:30:01 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.02.16 13:31:36 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012.02.16 10:48:08 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.02.16 10:45:24 | 000,359,908 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\cc_20120216_104503.reg
[2012.02.15 17:05:20 | 000,089,088 | ---- | C] () -- C:\Windows\System32\mbr.exe
[2012.02.15 17:03:18 | 000,089,088 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\mbr.exe
[2012.02.11 12:13:12 | 000,302,592 | ---- | C] () -- C:\Users\Familie Caliebe\Desktop\ujo94itv.exe
[2012.02.10 21:47:55 | 3150,782,464 | -HS- | C] () -- C:\hiberfil.sys
[2011.11.24 16:24:14 | 000,000,086 | ---- | C] () -- C:\Windows\WIWWI.ini
[2011.11.22 08:52:24 | 000,000,089 | ---- | C] () -- C:\Windows\System32\MSBII.dll
[2011.11.22 08:41:58 | 000,032,768 | ---- | C] () -- C:\Windows\System32\WKAuxil.dll
[2011.11.22 08:41:57 | 000,338,944 | ---- | C] () -- C:\Windows\System32\lffpx7.dll
[2011.11.22 08:41:57 | 000,118,784 | ---- | C] () -- C:\Windows\System32\lfkodak.dll
[2011.11.22 08:41:48 | 000,017,920 | ---- | C] () -- C:\Windows\System32\implode.dll
[2011.11.22 08:41:46 | 003,782,416 | ---- | C] () -- C:\Windows\System32\mso97.dll
[2011.10.14 02:08:24 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011.05.16 15:58:42 | 000,012,959 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
[2011.04.28 19:15:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.16 18:37:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.01.16 18:37:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010.11.21 21:08:11 | 000,017,089 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\UserTile.png
[2010.05.08 18:22:41 | 000,290,816 | ---- | C] () -- C:\Windows\System32\decdll.dll
[2009.09.24 00:46:04 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.08.31 19:22:32 | 000,002,032 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\d3d9caps.dat
[2009.08.05 09:29:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.07.19 14:56:48 | 000,050,688 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.14 13:50:31 | 000,061,455 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.07.14 13:46:06 | 000,000,280 | ---- | C] () -- C:\Users\Familie Caliebe\AppData\Roaming\wklnhst.dat
[2009.05.29 16:52:26 | 000,204,800 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.05.29 16:47:06 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.08.13 15:07:08 | 000,050,725 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.08.13 14:53:14 | 002,192,024 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2008.08.13 14:53:13 | 000,492,496 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2008.08.13 14:53:13 | 000,147,172 | ---- | C] () -- C:\Windows\System32\igfcg550.bin
[2008.08.13 14:14:14 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008.06.01 19:45:06 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2008.04.25 13:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2008.04.09 10:14:37 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.09 10:14:36 | 000,632,252 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.09 10:14:36 | 000,127,464 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.09 10:14:36 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2007.12.21 15:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2007.09.04 12:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,417,312 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,598,900 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,104,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.04.21 09:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
[2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2001.10.10 07:57:58 | 000,073,786 | ---- | C] () -- C:\Windows\System32\dntvmc23.dll
[2001.10.10 07:57:58 | 000,061,497 | ---- | C] () -- C:\Windows\System32\dntvm23.dll
[2001.03.07 07:02:30 | 000,229,431 | ---- | C] () -- C:\Windows\System32\dnt23.dll
 
========== LOP Check ==========
 
[2011.04.15 15:27:06 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Canon
[2010.11.22 00:49:56 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\CometPlayer
[2012.02.23 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Dropbox
[2010.12.09 17:27:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\FreeVideoConverter
[2009.09.20 16:23:25 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\gtk-2.0
[2009.10.19 20:44:08 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Haufe
[2009.09.18 15:49:30 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\IrfanView
[2011.12.14 10:46:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Jumping Bytes
[2011.11.15 08:17:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Juniper Networks
[2009.08.04 10:03:24 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Lexware
[2011.12.10 15:25:11 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\MyPhoneExplorer
[2011.04.27 20:19:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Nokia
[2010.06.07 13:45:50 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Octoshape
[2011.01.27 10:59:54 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\OpenOffice.org
[2010.11.19 13:39:32 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PC Suite
[2009.09.20 23:33:36 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\PixelPlanet
[2011.11.25 18:12:53 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Soerg
[2011.05.12 22:08:21 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Subversion
[2011.07.14 20:43:40 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TeamViewer
[2009.07.14 13:46:17 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\Template
[2010.11.22 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TigerPlayer
[2009.11.30 21:53:35 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\TomTom
[2009.11.09 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\Familie Caliebe\AppData\Roaming\VistaCodecs
[2012.02.17 00:47:16 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---

[/code]

OTL Logfile:
Code:
OTL Extras logfile created on: 23.02.2012 15:51:20 - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Familie Caliebe\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,93 Gb Total Physical Memory | 1,48 Gb Available Physical Memory | 50,46% Memory free
6,07 Gb Paging File | 3,53 Gb Available in Paging File | 58,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 19,11 Gb Free Space | 20,72% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 439,20 Gb Free Space | 94,30% Space Free | Partition Type: NTFS
Drive E: | 364,76 Gb Total Space | 326,85 Gb Free Space | 89,61% Space Free | Partition Type: NTFS
 
Computer Name: FAMCALIEBE-PC | User Name: Familie Caliebe | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{028B4C32-C2D9-4394-902F-B9142219333C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{04F92F9A-138C-42BC-921A-6E929B789ACE}" = lport=139 | protocol=6 | dir=in | app=system |
"{0CF2E451-41AC-4B16-B11E-81C4D558ADF0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0F94B7EE-08A7-49B0-916F-DBEBF25DF505}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14B0B50E-0819-4BBD-84A1-F51E92743180}" = lport=138 | protocol=17 | dir=in | app=system |
"{177BBE08-15EF-4FFF-88EB-3E17CA93AFE0}" = rport=445 | protocol=6 | dir=out | app=system |
"{399FDB8C-5179-42B2-A847-F738A011EA7D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D2C6B5F-2B58-4FF8-995D-7B8DCC4AFA97}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4BB8119E-E588-4963-B0F7-667AA204AF76}" = rport=137 | protocol=17 | dir=out | app=system |
"{4C864EF2-4DB2-4AD5-829C-BAA34CA3F038}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4F230D45-7BEE-498C-85F3-091CC6D56780}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{529CD8FE-D9D3-46B8-8E7A-B6C8BA20C872}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56E53D23-9C46-4171-B4BD-EFEFDE2DBCA6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FC96C63-4C16-45BD-AD48-836411891633}" = lport=137 | protocol=17 | dir=in | app=system |
"{61357620-41F8-48DD-AFFD-228457F83830}" = lport=10243 | protocol=6 | dir=in | app=system |
"{692D14CA-E8EA-4C5D-B2C8-4E124BE5ABC0}" = lport=1034 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4003 |
"{74C16965-AF24-48D7-B913-7A95C4B7A475}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8248A5D1-C496-4E05-AF87-7119575749AE}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8345D527-2093-4C85-B5B9-DC13EF97E7CE}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{8DF2E9DE-924C-48D9-A533-910B82DAD3F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8F631649-75FD-476B-A8CA-F08361146E6D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{90F60FA8-7C36-4BC7-B476-A76F1CA349F8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{97A07EDA-C778-485D-8250-2B9526CD87A1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{ADC075BE-47C4-4E1C-A951-89C496952C3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AEBCB133-9BA5-4C3A-8BC5-7408E0096418}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B157AC96-138D-42F7-9D03-1BD53F3AECEE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B16315F2-2295-4409-826B-EB0C60194D4C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B787F7C8-758E-4D0B-AF40-4D0E936A6A40}" = lport=445 | protocol=6 | dir=in | app=system |
"{B9EC8EB4-BAFD-4FC1-86E3-7E809FF82DF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C75F07D7-7439-4878-9700-FD62FB9ECB4E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C793794A-107A-466E-B0F5-044E487FF23F}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4006 |
"{D4ECD863-4A9F-4CCC-A9DD-C95B8FE51F0C}" = rport=138 | protocol=17 | dir=out | app=system |
"{D81FE3F8-4BF9-4559-93B1-99B5F11296EF}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E3A2B235-5E7E-41DE-8387-46E14FA5C8DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E3B52225-2D40-45DD-A1C6-344AE1ADB81B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EF823FEB-C81D-41FD-B2DB-2710D38C6451}" = lport=5721 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdc.exe,-4002 |
"{EF8868C3-56E3-431F-A11B-766A1E15DE42}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F7E23D1C-F8DD-4FC6-8C12-18A78E2EE947}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FEF35F35-6B6E-4285-89AB-15789297896F}" = rport=139 | protocol=6 | dir=out | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16CFECE3-6272-40FB-AC9F-6E6884EFD3F1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{1CA5A966-6291-4188-86E8-C00AF13ECD63}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2C29F314-74C9-4645-A2AB-4BDAA7ACB000}" = protocol=6 | dir=out | app=system |
"{39BFA96F-2ED4-4B36-B4C8-47D40FAC1EA8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{400B3FCA-0462-4A41-A488-667BE7300515}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{53A783E9-71AA-49C6-BD46-B20324A38E94}" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{5A6464F6-6CCB-4BB3-B009-1B73CC55E515}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5BD806D7-EE42-4989-AFE3-874512F1DA7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5C0ACF25-5B53-4527-9C5A-3DDBD2095673}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5CE22F28-378D-401F-BBC1-259DF989CA9E}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{63920450-A1B2-4B2C-9F3E-AE7202AC6EAC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6915F986-0CF0-4252-8CAB-AFA6862DD3CC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7135FA55-D064-47C0-92B5-E9FCDB97D550}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73DBF261-8B04-4232-9CC0-3A2228604DB6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{783B9F82-EBCF-4356-9721-871AF9B48EEB}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7BD13045-E407-4990-8AFB-C46B6BB72D35}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{83867EC9-0C61-4457-914A-618BA58C8DAF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{84FC65AC-3E38-4200-9616-1E907C8EEFEF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8795D016-BA9E-48B7-A82C-74BAFCF420EC}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{8D81974A-7E85-4B63-BDBE-D1C7F581150E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E09A290-C25D-47FA-9A86-A76DF1BFB6C2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{95EDE25A-A91A-4AD6-870B-45486836220C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{98B9728F-D9CC-4900-AEB7-D732AE63DE4D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{9E6F1110-EDAC-421F-B014-E8017C3C09FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A571B085-7546-453C-9725-9451132E1348}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A945F80E-19B0-44E5-9D84-64B55D1C9357}" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"{B785D447-A5FD-4085-8A20-E6A2A1E98237}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BB970AD3-2015-421D-908A-603B3B44452F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DC909859-9709-48C2-8BEC-A1A4D49BA1F3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DDB96144-E043-4151-BE55-68856F397BD7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E82D08A7-FE1F-47F8-95AC-6F0A7EAB25C8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{EDE2310D-B442-416F-8C6D-96C4938DC523}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F34D272E-9668-447D-A99C-0171C0BA3F39}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F8694076-8ED2-4F50-A017-ECBFC033E2EB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{FE627DAE-22D5-467F-BF75-5F501F6FE7E5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{1E1C8E01-4AEF-4C56-899C-1F7C459F9BA9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5609AF03-403E-4DE3-86F7-B00CB7A481E5}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{6BF93385-690E-4499-801D-1078C3703FA1}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{98F3BF9B-15FA-4422-8583-8976FE9272A9}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B078E111-3752-49D8-BE05-196EC7484287}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"TCP Query User{BA5CA1E8-95E3-4CC8-B169-1A189813514E}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"TCP Query User{CC4C04DA-F5A4-4241-BA10-350903397661}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{3F29293B-5D3C-45AD-8614-A9E483ABC3A6}C:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\downloads\eclipse-jee-helios-sr2-win32\eclipse\eclipse.exe |
"UDP Query User{464AC7C3-7144-49B9-B6F2-1AAC3E68BDB8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{6FF4DEB1-1A1D-4ADD-AE18-DBC082FFEC37}C:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |
"UDP Query User{DE671AA4-6E71-430D-AD1A-FE34A34417D8}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{E0922CB7-D8F9-4A3F-A2B4-1201D6D809A8}C:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\familie caliebe\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{EC9D70E0-90EE-47D0-837B-258412B13D92}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{FFC939BE-D69D-4FE6-A423-41A311E2FBFF}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series" = Canon MG5100 series MP Drivers
"{15B2BC56-D179-4450-84B9-7A8D7F4CE1B9}" = Lexware Info Service
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F2A5DF9-40E1-4644-ADBD-D80F347BA6C8}" = Windows Mobile-Gerätecenter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32180A3A-F7F0-4BD9-924A-B3A271DD35AE}" = Caillous Vorschule
"{32A3A4F4-B792-11D6-A78A-00B0D0160260}" = Java(TM) SE Development Kit 6 Update 26
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3526C5B8-60EE-4199-BEFD-6BCC86F051B9}" = TAXMAN 2011
"{373C3C97-2FA9-4E18-85A2-255060C21031}" = Nero 8 Essentials
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{64F974D4-135B-4BB9-9791-CD94AEBDAE5C}" = WGW Deutsch 1
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6B56E0F8-762D-46F8-846D-D9609116997E}" = WGW Deutsch 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D9B4C6B-7879-477A-B5EE-7DF068B91F34}" = PdfGrabber 5.0
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.1.2
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{93FFBCB3-9DC8-4807-8E2B-D36E9C18A289}" = WGW Deutsch 4
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-0122-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A95000000001}" = Adobe Reader 9.5.0 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AFC454ED-A26F-4816-826B-C35129D82E1F}" = Fujitsu Siemens Computers Recovery
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B4848E3A-A9B8-4091-A3A2-3941B9AABC5E}" = Logitech QuickCam
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile-Gerätecenter: Treiberupdate
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D07C4EDD-1E82-4D66-A2E9-2A819A9E8A0D}" = Kids entdecken den menschlichen Körper
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E024F0D3-63D6-4C2A-BB94-7667FB125822}" = WGW Deutsch 2
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E3DBED25-09EE-45FE-BE53-4B07B0CBA0FC}" = PC Connectivity Solution
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EFCEF949-9821-4759-A573-3EB8C857DF46}" = Windows Live Family Safety
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F55CA27A-8C3C-4E7D-891B-D29FD3259A94}" = TAXMAN 2008
"{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F9EA1C47-64A6-45E4-9A80-8CC1575B971D}" = Nokia Ovi System Utilities
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 9.20
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"Canon MG5100 series Benutzerregistrierung" = Canon MG5100 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CCleaner" = CCleaner
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Free Video Converter_is1" = Free Video Converter V 2.9
"GPL Ghostscript 8.64" = GPL Ghostscript 8.64
"GSview 4.9" = GSview 4.9
"Hotkey Utility_is1" = Hotkey Utility
"IrfanView" = IrfanView (remove only)
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper Network Connect 7.0.0" = Juniper Networks Network Connect 7.0.0
"Launch Pad_is1" = Launch Pad 1.0.3
"lvdrivers_11.51" = Logitech QuickCam-Treiberpaket
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mathe Klasse 1 - 4" = Mathe Klasse 1 - 4
"meinHausplaner" = meinHausplaner
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"MpcStar" = MpcStar 5.1
"MPE" = MyPhoneExplorer
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3018
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"Power Manager_is1" = Power Manager 2.8.3
"PROSet" = Intel(R) Network Connections Drivers
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"RealPlayer 12.0" = RealPlayer
"Rgb2Cmyk_is1" = Rgb2Cmyk 1.3
"Scribus 1.3.3.13" = Scribus 1.3.3.13
"TomTom HOME" = TomTom HOME 2.7.3.1894
"VLC media player" = VLC media player 1.0.5
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"Zahlenbuch 2" = Zahlenbuch 2
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Jeliot 3.7.2 (powered by AIFB)" = Jeliot 3.7.2 (powered by AIFB)
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Octoshape Streaming Services" = Octoshape Streaming Services
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
Error - 12.02.2011 22:29:04 | Computer Name = FamCaliebe-PC | Source = OviSuite | ID = 1
Description =
 
[ OSession Events ]
Error - 05.05.2010 10:55:45 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 948
 seconds with 900 seconds of active time.  This session ended with a crash.
 
Error - 27.01.2011 06:03:18 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 10522 seconds with 120 seconds of active time.  This session ended with a
 crash.
 
Error - 18.02.2011 04:04:41 | Computer Name = FamCaliebe-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 64754
 seconds with 6660 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 21.02.2012 22:12:25 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21.02.2012 22:12:55 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 21.02.2012 22:12:55 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21.02.2012 22:13:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 21.02.2012 22:13:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21.02.2012 22:13:51 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 21.02.2012 22:13:51 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 21.02.2012 22:14:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 21.02.2012 22:14:24 | Computer Name = FamCaliebe-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 22.02.2012 19:41:05 | Computer Name = FamCaliebe-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.35 für die Netzwerkkarte mit der Netzwerkadresse
 00140B6445F7 wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
 hat eine DHCPNACK-Meldung gesendet).
 
 
< End of report >
--- --- ---

[/code]

kira 23.02.2012 16:34

Datensicherung:
► NUR Daten sichern, die nicht ausführbaren Dateien enthalten - Dateiendungen - Dies ist eine Liste von Dateiendungen, die Dateien mit ausführbarem Code bezeichnen können.
- Vorsicht mit den schon vorhandenen Dateien auf die extern gespeicherten Daten und auch jetzt mit dem Virus infizierte Dateien eine Datensicherung anzufertigen
- Am besten alles was dir sehr wichtig, separat (extern) sichern - nicht mischen eventuell früher geschicherten Daten, also vor dem Befall!
- Eventuell gecrackte Software nicht sichern und dann auf neu aufgesetztem System wieder drauf installieren!

- Vor zurückspielen - bevor du mit deinem PC direkt ins Netz gehst...:
- die Autoplay-Funktion für alle Laufwerke deaktivieren/ausschalten -> Autorun/Autoplay gezielt für Laufwerkstypen oder -buchstaben abschalten

Die auf eine externe Festplatte gesicherten Daten, gründlich zu scannen von einem suaberen System aus, am besten mit mehreren Scannern-> Kostenlose Online Scanner - Anleitung


-> Anleitung: Neuaufsetzen des Systems + Absicherung
-> Anleitung zum Neuaufsetzen - Windows XP, Vista und Win7


Ich würde Dir vorsichtshalber raten, dein Passwort zu ändern
z.B. Login-, Mail- oder Website-Passwörter
Tipps:
Die sichere Passwort-Wahl - (sollte man eigentlich regelmäßigen Abständen ca. alle 3-5 Monate ändern)
auch noch hier unter: Sicheres Kennwort (Password)

Tipps & Hilfe:
-> Anleitung: Neuaufsetzen des Systems + Absicherung
-> Neuaufsetzen (Windows XP, Vista und Windows 7) - Anleitungen


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:39 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131