Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.10.2012, 15:46   #1
Pixidom
 
Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Hallo,

wie schon einige andere hier, hab ich mir auch was eingefangen...
Wie schon in der Überschrift beschrieben, hatte ich einen weißen Bildschirm, mit der Meldung, dass die Internetseite nicht mehr angezeigt werden kann. Auch der Taskmanager erschien nur für ein paar Sekunden und ich konnte den Rechner nur neustarten. Zum Glück lies der Rechner sich im abgesicherten Modus starten.

Jetzt habe ich mich hier schon durch die Beiträge gelesen und schon folgendes im abgesicherten Modus unternommen:

1. malware installiert und Scan gestartet (Ergebnis im Anhang vor und nach der Löschung der Funde)
2. OTL von Oldtimer installiert und Scan gestartet
3. GMER installiert und Scan gestartet (Ergebnis im Anhang)

Nachdem ich die Sachen durchgeführt habe, konnte ich den Rechner hochfahren, jedoch musste eine Systemreparatur von Windows durchgeführt werden. Jetzt ist der weiße Bildschirm weg und alles läuft wieder, außer dass Modzilla nicht startet.

Ist mein Rechner jetzt sauber? Bin ein totaler Newbie, was Virenbekämpfung usw. angeht.

Vielen Dank schonmal.
Angehängte Dateien
Dateityp: txt mbam-log-2012-10-06 (11-46-47).txt (3,3 KB, 168x aufgerufen)
Dateityp: txt mbam-log-2012-10-06 (14-08-54).txt (3,1 KB, 167x aufgerufen)
Dateityp: txt OTL.Txt (77,4 KB, 174x aufgerufen)
Dateityp: txt Extras.Txt (80,1 KB, 233x aufgerufen)
Dateityp: log gmer.log (1,0 KB, 164x aufgerufen)

Alt 08.10.2012, 08:39   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Hi,

Logfiles bitte nicht anhängen, sondern mit Codetags in den Thread posten.



Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.



  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.



Jetzt noch ein frisches OTL log bitte.
__________________

__________________

Alt 08.10.2012, 13:53   #3
Pixidom
 
Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Hallo Schrauber,

vielen Dank für die schnelle Antwort. Hier folgende Ergebnisse von R1:

# AdwCleaner v2.004 - Datei am 08/10/2012 um 13:04:40 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzer : Johanna - JOHANNA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Johanna\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Program Files\Ask.com
Ordner Gefunden : C:\Users\Johanna\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\AskToolbarInfo
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\Ask.com.tmp
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKU\S-1-5-21-538443753-909013608-791444126-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKU\S-1-5-21-538443753-909013608-791444126-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6001.18000

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v8.0.1 (de)

Profilname : default
Datei : C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\gwba7b7t.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [4443 octets] - [08/10/2012 13:04:40]

########## EOF - C:\AdwCleaner[R1].txt - [4503 octets] ##########

Ergebnis S1:


# AdwCleaner v2.004 - Datei am 08/10/2012 um 13:07:10 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Benutzer : Johanna - JOHANNA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Johanna\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\Johanna\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\AskToolbarInfo
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6001.18000

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v8.0.1 (de)

Profilname : default
Datei : C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\gwba7b7t.default\prefs.js

C:\Users\Johanna\AppData\Roaming\Mozilla\Firefox\Profiles\gwba7b7t.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [4572 octets] - [08/10/2012 13:04:40]
AdwCleaner[S1].txt - [4159 octets] - [08/10/2012 13:07:10]

########## EOF - C:\AdwCleaner[S1].txt - [4219 octets] ##########

Ergebnis OTL:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 08.10.2012 13:20:40 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Johanna\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,58 Gb Available Physical Memory | 29,33% Memory free
4,21 Gb Paging File | 2,39 Gb Available in Paging File | 56,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,96 Gb Total Space | 1,55 Gb Free Space | 2,06% Space Free | Partition Type: NTFS
Drive D: | 3,71 Gb Total Space | 1,25 Gb Free Space | 33,68% Space Free | Partition Type: FAT32
Drive E: | 72,62 Gb Total Space | 14,58 Gb Free Space | 20,07% Space Free | Partition Type: NTFS
 
Computer Name: JOHANNA-PC | User Name: Johanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Johanna\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Johanna\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Mail\WinMail.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
PRC - C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - c:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\1e33a9b2c58db182dd6c7d057ad49e4c\TCrdMain.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6bebfe5b7776c84cb38efdb2a7c9d447\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\415ef2ec8cbd9f3368da6ade10beae26\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c1498ba4652483d5adddd4c5d3927170\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\29d729043903b7b4b2ea695db220d866\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Windows\System32\ac3filter.acm ()
MOD - C:\Programme\Winamp\winampa.exe ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
MOD - C:\Programme\TOSHIBA\FlashCards\de\TCrdMain.resources.dll ()
MOD - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
MOD - C:\Windows\System32\igfxTMM.dll ()
MOD - C:\Programme\TOSHIBA\ConfigFree\NotifyCFF.dll ()
MOD - C:\Programme\IDM\Desktop SMS\oehook.dll ()
MOD - C:\Programme\TOSHIBA\TBS\NotifyTBS.dll ()
MOD - C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll ()
MOD - C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll ()
MOD - C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
MOD - C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe File not found
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_5891ae0.dll ()
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$AUTODESKVAULT) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (Autodesk Licensing Service) -- C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (C-DillaCdaC11BA) -- C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TosCoSrv) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA Bluetooth Service) -- c:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Tosrfcom) --  File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (GEARAspiWDM) -- System32\Drivers\GEARAspiWDM.sys File not found
DRV - (cpuz132) -- C:\Users\Johanna\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (CdaC15BA) -- C:\Windows\System32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (QIOMem) -- C:\Windows\System32\drivers\QIOMem.sys (TOSHIBA)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (iaNvStor) -- C:\Windows\System32\drivers\iaNvStor.sys (Intel Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (KR10N) -- C:\Windows\System32\drivers\KR10N.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\System32\drivers\KR10I.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GCNV_de
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-538443753-909013608-791444126-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.1&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Johanna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.02.01 19:32:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.07 15:30:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.02 12:21:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009.07.09 18:33:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.08.31 19:41:30 | 000,000,000 | ---D | M]
 
[2011.07.02 12:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johanna\AppData\Roaming\mozilla\Extensions
[2012.10.06 11:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions
[2012.07.01 08:54:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.07.25 20:02:54 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.09.30 18:11:00 | 000,000,950 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin-1.xml
[2011.12.09 15:45:25 | 000,000,950 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin-2.xml
[2011.11.23 21:41:44 | 000,001,056 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin.xml
[2011.12.09 15:45:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.09 15:45:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.10.06 11:41:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.06 11:41:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.06 11:41:55 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.06 11:41:55 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.06 11:41:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.06 11:41:55 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: InoViewer Plugin (Enabled) = C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Johanna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\S-1-5-21-538443753-909013608-791444126-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe (Corel Corporation)
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Programme\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-538443753-909013608-791444126-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-538443753-909013608-791444126-1000..\Run: [Akamai NetSession Interface] C:\Users\Johanna\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-538443753-909013608-791444126-1000..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-538443753-909013608-791444126-1000..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O4 - Startup: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pampers Pregnancy Widget.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-538443753-909013608-791444126-1000\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-538443753-909013608-791444126-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} hxxp://picasaweb.google.com/s/v/e/38.05/57go2Ejy5T0/uploader2.cab (UploadListView Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldde-de.cab (MSN Photo Upload Tool)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://www.video.rubotherm.de/activex/AMC.cab (AxisMediaControlEmb Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDFAFA5-1B4D-434A-9700-E1B7D90A5E0E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.02 18:22:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a1406d22-cebf-11dd-bd22-001b2448b9ad}\Shell\1\Command - "" = D:\.\recycled\info.exe
O33 - MountPoints2\{a1406d22-cebf-11dd-bd22-001b2448b9ad}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\.\recycled\info.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.08 13:19:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Johanna\Desktop\OTL.exe
[2012.10.08 12:41:25 | 000,000,000 | -HSD | C] -- C:\found.001
[2012.10.06 11:45:40 | 000,000,000 | ---D | C] -- C:\Users\Johanna\AppData\Roaming\Malwarebytes
[2012.10.06 11:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.06 11:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 21:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ipjgsxkseyyphtr
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.08 13:19:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Johanna\Desktop\OTL.exe
[2012.10.08 13:12:47 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.08 13:11:26 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.08 13:11:26 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.08 13:11:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.08 13:11:14 | 2137,432,064 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.08 12:59:54 | 000,538,327 | ---- | M] () -- C:\Users\Johanna\Desktop\adwcleaner.exe
[2012.10.08 12:57:04 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.10.07 15:51:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.07 15:39:21 | 000,686,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.07 15:39:21 | 000,643,612 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.07 15:39:21 | 000,150,994 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.07 15:39:21 | 000,122,800 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.05 21:47:05 | 000,076,348 | ---- | M] () -- C:\ProgramData\fjfnxkmxgrngiyf
[2012.10.02 13:05:20 | 000,000,680 | ---- | M] () -- C:\Users\Johanna\AppData\Local\d3d9caps.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.08 12:59:35 | 000,538,327 | ---- | C] () -- C:\Users\Johanna\Desktop\adwcleaner.exe
[2012.10.07 14:11:42 | 2137,432,064 | -HS- | C] () -- C:\hiberfil.sys
[2012.10.05 21:46:58 | 000,076,348 | ---- | C] () -- C:\ProgramData\fjfnxkmxgrngiyf
[2011.06.01 15:49:31 | 000,000,839 | ---- | C] () -- C:\Users\Johanna\.recently-used.xbel
[2010.12.14 21:38:17 | 000,038,791 | ---- | C] () -- C:\Program Files\https .pdf
[2009.07.18 19:38:27 | 000,000,174 | ---- | C] () -- C:\Users\Johanna\AppData\Roaming\default.rss
[2009.03.28 16:19:01 | 000,001,074 | RH-- | C] () -- C:\Users\Johanna\XrxWm.ini
[2009.03.28 16:19:01 | 000,000,522 | RH-- | C] () -- C:\Users\Johanna\xw45cpdy.dyc
[2009.01.26 16:02:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.08.27 11:22:12 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008.06.11 21:42:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.04.04 22:39:32 | 000,000,680 | ---- | C] () -- C:\Users\Johanna\AppData\Local\d3d9caps.dat
[2008.04.04 10:00:17 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.12.15 00:39:18 | 000,026,340 | ---- | C] () -- C:\Users\Johanna\AppData\Roaming\UserTile.png
[2007.12.14 17:45:42 | 000,070,144 | ---- | C] () -- C:\Users\Johanna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.14 14:56:17 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\AppData\Roaming\mxfilerelatedcache.mxc2
[2007.12.14 14:56:17 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\AppData\Local\mxfilerelatedcache.mxc2
[2007.12.14 14:56:15 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\mxfilerelatedcache.mxc2
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 06:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.18 23:36:50 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2008.02.28 21:11:53 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Ansys
[2008.02.28 21:12:42 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Autodesk
[2008.06.29 00:58:39 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Bidgood Svcs
[2009.08.18 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Camfrog
[2009.07.21 19:54:29 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Canneverbe_Limited
[2011.10.08 20:36:00 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Canon
[2009.06.09 17:59:49 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\CoSoSys
[2007.12.14 23:15:02 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\DesktopSMS
[2012.07.07 09:52:24 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\GARMIN
[2010.12.16 16:24:45 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\gtk-2.0
[2012.02.16 21:17:21 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\ICQ
[2009.05.02 14:25:10 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\MAGIX
[2008.11.27 19:54:02 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\OpenOffice.org
[2009.01.26 16:19:52 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Samsung
[2008.09.10 15:15:48 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Thunderbird
[2009.04.07 13:26:35 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\WEB.DE
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:24051EFF

< End of report >
         
--- --- ---

Ergebnis Extras:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 08.10.2012 13:20:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Johanna\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,58 Gb Available Physical Memory | 29,33% Memory free
4,21 Gb Paging File | 2,39 Gb Available in Paging File | 56,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,96 Gb Total Space | 1,55 Gb Free Space | 2,06% Space Free | Partition Type: NTFS
Drive D: | 3,71 Gb Total Space | 1,25 Gb Free Space | 33,68% Space Free | Partition Type: FAT32
Drive E: | 72,62 Gb Total Space | 14,58 Gb Free Space | 20,07% Space Free | Partition Type: NTFS
 
Computer Name: JOHANNA-PC | User Name: Johanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_USERS\S-1-5-21-538443753-909013608-791444126-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041AF952-8E5A-42B6-B6AD-F223A2577FFC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0EC8CCC9-0F29-484A-B307-70F8EEF2B8AE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1A14070D-94FB-4D08-9296-497939731706}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{1DC68E03-96A3-4661-BFCE-7D60952D1AD9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1EA7C90E-E6ED-4531-8392-DA1EACF99DAE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{3C79B41D-861E-4D18-9ED7-C3F56BE454A2}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{3F78B2C1-6C57-47E4-B497-BCEF50D19708}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{4AFC4492-BFB1-463A-B3E7-0BD16582D6BA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4D352766-E979-4500-BCB6-E3A14BB2305D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{4D9AC3F2-9430-4FCA-9D8F-45308B1C88DB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{535ECBB0-20E6-4E0E-A1D9-7D402691025E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{5540EEFC-EBAE-435E-BD16-21F33840D103}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{62276CD2-DD88-4D9B-8E15-C9BB19C8B872}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{6A04F09A-2156-45EC-9941-966CB3568D40}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{828E4195-8B24-4845-917E-5B983345CA18}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{8AFB3AFB-5C40-49FF-BB01-3B4C6DF68896}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{A5EADF52-256B-4E12-B9C1-EBF047F84492}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B2AB1630-1461-4F91-B886-2B3CC3BD8BAE}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{C3E4FCED-23F5-4BC7-8531-C15C0214022C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C768D658-6BC1-43FC-8ABF-7241F25F2393}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CB4AE7AE-5A3E-4EAB-B7E1-29F7391DC7DA}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{CDC2A578-9241-4A34-935A-0535F6D73D11}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D64478D7-E5F8-4E3B-AC5B-FF2F6350210C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{EBDF2DCD-9823-435B-90F5-F928F2804A15}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{EDD71FB1-5B47-4571-A576-8F2F54F8AE8F}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{F3A47D36-3853-4A08-9A87-36E27B3E97B9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{F5F55092-AFEE-42F6-ABF2-B49A5F85FD06}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F7ED51F5-12E0-4185-8A3B-D64917644472}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FE064E17-22B8-450D-AC9F-F4283AF4C2B9}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{FF0A8871-A5F8-4A49-90C6-C1A8F23C0B65}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0289D286-B706-42CB-9C90-CD427F7AF4C5}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{07501249-8B1E-4636-8BDA-5E8075010241}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{12E3C9DD-A90D-47DF-B36B-AA82C81ECBC1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{1FD5F212-465D-4680-9699-847E3885967C}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{2646BB2B-45F5-45FF-AA0C-D8CEF190EA9C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"{2A28A498-879A-4516-B820-FAA9DB88AB0D}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe | 
"{319ECA4A-6BCE-47D3-BF15-C67E7C8DCCC1}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{31A34035-A0D7-47BA-83E8-B48959F64E0D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{3F426031-8BCE-43A7-B880-A9C3C5D5C65E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{4223FD60-2591-4967-AF93-DAD9DBCC20CB}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{4505874A-AF4F-42E6-AD39-9AD4E6DD980D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{4D0BAA6D-FE95-45B9-806D-C6BEC7C05328}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{526BE3DD-6695-4013-803E-69B8FD6D51E7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{64389381-0A50-48E5-81F2-442C5D73B378}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{681EB077-431A-4EB1-8A37-F0D691BAE789}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{6A0010EB-938A-4048-8B95-3A39BE727E2B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6A7268DD-A34A-457F-B2E5-0AA3CA50A104}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{710D9208-9C1D-436E-A44D-E9632035FEDF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{72AB8151-8E80-4693-ADF5-FE743E152BC0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{77EF003F-69A2-49C2-B6CB-03073EDDCCE5}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{7C6EC9C1-79D3-4971-A4DE-DE7217DFE49E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{7F2E64CA-822E-4F92-A2A5-BB56306060A1}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"{95FAD2D3-8DF2-473D-96F9-763ECFA6262D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{AD367C40-28A4-4A0E-8856-90392A45A7AA}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | 
"{B679ABC0-3A03-462B-B8D9-52566F17D258}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{BEA843C0-BC85-48DD-A561-27AD827633C7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D0AC1D40-3B3D-47D4-AB88-B2344C08E041}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | 
"{D223EA66-8ADC-4DBB-9C27-89408EC42E20}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{D50D0D88-3E76-499F-8D15-9044648E8218}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{D590473D-4D46-401D-A6B0-5E13537DBA4E}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe | 
"{DF0C90F3-737C-4EA7-A250-8FEAE2978FF8}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | 
"{F852777A-E705-46D8-B5FC-22C1D92CC917}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe | 
"{F994768E-F638-47DA-BF06-93D21343D8D7}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe | 
"{FC6FB95C-C7B5-4F02-A450-72B6F5735FFB}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe | 
"TCP Query User{2203F96C-8512-44B7-B532-BB22E976071D}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{2B628896-0379-444A-8C39-0A991670B8E6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{4E2B03F9-5DD4-49B0-9467-EE708A309ED3}C:\users\johanna\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=6 | dir=in | app=c:\users\johanna\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe | 
"TCP Query User{6BA2D1CA-10AA-46AB-976A-AA7CF8380BC2}C:\users\johanna\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe" = protocol=6 | dir=in | app=c:\users\johanna\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe | 
"TCP Query User{7C095B73-AD78-4055-89CB-C193E3EE7DA7}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe | 
"TCP Query User{BA9587F2-1FE2-43A3-8C4A-FA8B17C3E247}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe | 
"TCP Query User{C7B574B9-551F-49E3-8916-8FC5F082888E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"TCP Query User{D9CB2E8E-C65C-4279-B52A-4AACDF675C5E}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{E8020F8B-9670-457F-A10C-1C0988E5CADD}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{F2BE5914-442F-45E8-B574-2BBEF696402E}C:\users\johanna\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\johanna\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{32C7F1A0-3C4C-4058-A2EC-2FC31934C758}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe | 
"UDP Query User{4227A7A9-06A8-4F05-B613-6BC0F66BF058}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{832EF9E5-4148-41E6-ABB8-AE3CADF539D2}C:\users\johanna\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe" = protocol=17 | dir=in | app=c:\users\johanna\appdata\local\yahoo!\messenger for vista\yahoo.messenger.ymapp.exe | 
"UDP Query User{8F69F258-C7DB-468D-9879-CD767446B886}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe | 
"UDP Query User{AB45F347-BEDD-4B81-9B5B-010B2906091B}C:\users\johanna\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\johanna\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{B060497E-8EF8-41C9-8D6A-C4F197BAE1DE}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{BC14CAE5-E421-4AFE-B21C-0F1228208BB0}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{D5DED9B7-F208-4886-A7A7-4369EE73CB0C}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
"UDP Query User{EEA05994-9E3F-4DD1-A9E9-43A8CD4A5E32}C:\users\johanna\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe" = protocol=17 | dir=in | app=c:\users\johanna\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe | 
"UDP Query User{FB40E293-41F4-40D7-B692-C906A718D312}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (AUTODESKVAULT)
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0ADF1B89-17EA-489C-86DF-6E33DA8520A6}_is1" = flatster
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{130E5108-547F-4482-91EE-F45C784E08C7}" = HP Officejet 6500 E710n-z Hilfe
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = Corel Graphics Suite 11
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3EBC0693-0A27-4B50-90A1-A8B688911C7A}" = Samsung PC Studio 3
"{41A00174-B4EA-4E79-9CAF-DC118A878B92}" = Garmin City Navigator Europe NT 2012.10 Update
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{49B85E35-3C56-4420-9A0A-D125348A2D7F}" = TOSHIBA Supervisor Password
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4fea005d-546b-44b8-bc5b-8e06286f38ba}" = Nero 9 Trial
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{56995235-B76E-44A6-BA17-8FF13D3F907A}" = TOSHIBA Benutzerhandbücher
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5783F2D7-0201-0407-0002-0060B0CE6BBA}" = AutoCAD 2004
"{5783F2D7-6013-0407-0002-0060B0CE6BBA}" = Autodesk Mechanical Desktop 2008
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}" = Garmin USB Drivers
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6F411DB4-EC41-482B-AD46-384957928F69}" = AOEMView 2008
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75674E4C-CDE5-4E64-8014-FDF6D9204C4B}" = HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F4DD591-1200-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2008
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{871DF2BE-41D2-4334-AC33-839AF16FC8FE}" = Cisco Systems VPN Client 5.0.02.0090
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B81CF96-0223-40E9-B6E7-1461F450B605}" = TOSHIBA Hardware Setup
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PRJSTDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_VISSTDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRJSTDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_VISSTDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRJSTDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_VISSTDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PRJSTDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_VISSTDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2007
"{90120000-0054-0407-0000-0000000FF1CE}_VISSTDR_{3CB0380B-0413-4C44-A63B-DCD6369EAF4E}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PRJSTDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_VISSTDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B4-0407-0000-0000000FF1CE}" = Microsoft Office Project MUI (German) 2007
"{90120000-00B4-0407-0000-0000000FF1CE}_PRJSTDR_{C8D442F2-CF33-486E-8079-A704A2E80A39}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Turbo Memory und Intel Matrix Storage Manager
"{91120000-003A-0000-0000-0000000FF1CE}" = Microsoft Office Project Standard 2007
"{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}" = Microsoft Office Project 2007 Service Pack 3 (SP3)
"{91120000-0053-0000-0000-0000000FF1CE}" = Microsoft Office Visio Standard 2007
"{91120000-0053-0000-0000-0000000FF1CE}_VISSTDR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B96DB037-DBEA-4186-9081-9CBD537F82E8}" = 3D-Viewer-innoPlus
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BBAAAD82-6242-420F-86D4-BD72BB5E6C86}" = Tools für Microsoft SQL Server 2005 Express Edition
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E55B00B0-9DBF-4EE1-AC1D-5DEBE12BD097}" = Autodesk Vault 2008
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"Akamai" = Akamai NetSession Interface Service
"AOEMView 2008" = AOEMView 2008
"Audiograbber" = Audiograbber 1.83 SE 
"Autodesk Express Viewer" = Autodesk Express Viewer
"Autodesk Mechanical Desktop 2008" = Autodesk Mechanical Desktop 2008
"Autodesk Vault 2008" = Autodesk Vault 2008
"avast" = avast! Free Antivirus
"Avira AntiVir Desktop" = Avira Free Antivirus
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CCleaner" = CCleaner (remove only)
"CdaC13Ba" = SafeCast Shared Components
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CutePDF Writer Installation" = CutePDF Writer 2.7
"dm-Fotowelt" = dm-Fotowelt
"DPP" = Canon Utilities Digital Photo Professional 3.9
"EOS Utility" = Canon Utilities EOS Utility
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"FreePDF_XP" = FreePDF XP (Remove only)
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"ICQToolbar" = ICQ Toolbar
"InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}" = CorelDRAW Graphics Suite 11
"InstallShield_{49B85E35-3C56-4420-9A0A-D125348A2D7F}" = TOSHIBA Supervisor Password
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{8B81CF96-0223-40E9-B6E7-1461F450B605}" = TOSHIBA Hardware Setup
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"Picture Resize_is1" = Free Picture Resize Starter 4.5
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PRJSTDR" = Microsoft Office Project Standard 2007 Trial
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Rossmann Fotowelt Software" = Rossmann Fotowelt Software 4.12.1
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SCHLECKER Foto Digital Service" = SCHLECKER Foto Digital Service
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"VISSTDR" = Microsoft Office Visio Standard 2007 Trial
"VLC media player" = VLC media player 1.0.3
"WFTK" = Canon Utilities WFT Utility
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-538443753-909013608-791444126-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Antivirus Events ]
Error - 28.05.2009 07:53:03 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 30.06.2009 10:22:06 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 21.09.2009 08:33:43 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 21.09.2009 17:13:59 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 21.09.2009 17:14:00 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 09.12.2009 12:58:11 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 09.12.2009 18:36:49 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 20.01.2010 17:09:54 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 04.03.2010 15:35:25 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
Error - 10.08.2010 12:52:26 | Computer Name = Johanna-PC | Source = avast! | ID = 33554522
Description = 
 
[ Application Events ]
Error - 04.08.2012 16:03:20 | Computer Name = Johanna-PC | Source = Application Hang | ID = 1002
Description = Programm PicasaPhotoViewer.exe, Version 3.9.135.93 arbeitet nicht 
mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im
 Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
 über das Problem zu suchen.  Prozess-ID: 1570  Anfangszeit: 01cd727a668dd480  Zeitpunkt
 der Beendigung: 41
 
Error - 08.08.2012 09:49:22 | Computer Name = Johanna-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 08.08.2012 09:50:01 | Computer Name = Johanna-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 23.09.2012 07:38:03 | Computer Name = Johanna-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 06.10.2012 05:25:19 | Computer Name = Johanna-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 06.10.2012 08:47:43 | Computer Name = Johanna-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 06.10.2012 09:16:57 | Computer Name = Johanna-PC | Source = Perflib | ID = 1008
Description = 
 
Error - 06.10.2012 09:16:57 | Computer Name = Johanna-PC | Source = Perflib | ID = 1010
Description = 
 
Error - 07.10.2012 09:41:26 | Computer Name = Johanna-PC | Source = Application Hang | ID = 1002
Description = Programm NOTEPAD.EXE, Version 6.0.6001.18000 arbeitet nicht mehr mit
 Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen.  Prozess-ID: 152c  Anfangszeit: 01cda4915e9f1fea  Zeitpunkt
 der Beendigung: 0
 
Error - 08.10.2012 07:15:11 | Computer Name = Johanna-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
 
Error encountered while reading event logs.
 
< End of report >
         
--- --- ---
__________________

Alt 08.10.2012, 14:37   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:
ATTFilter
:OTL
[2012.10.05 21:47:05 | 000,000,000 | ---D | C] -- C:\ProgramData\ipjgsxkseyyphtr
[2012.10.05 21:47:05 | 000,076,348 | ---- | M] () -- C:\ProgramData\fjfnxkmxgrngiyf
[2012.10.05 21:46:58 | 000,076,348 | ---- | C] () -- C:\ProgramData\fjfnxkmxgrngiyf
[2009.03.28 16:19:01 | 000,001,074 | RH-- | C] () -- C:\Users\Johanna\XrxWm.ini
[2009.03.28 16:19:01 | 000,000,522 | RH-- | C] () -- C:\Users\Johanna\xw45cpdy.dyc

:Commands
[emptytemp]
         
  • und füge es hier ein:
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Klick auf .
  • OTL verlangt einen Neustart. Bitte zulassen.
  • Nach dem Neustart findest Du ein Textdokument.



Malwarebytes updaten, Quick Scan, Funde löschen und Log posten.





ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset






Und ein frisches OTL logfile.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.10.2012, 10:21   #5
Pixidom
 
Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Soooo, habe mich durchgeackert und folgende Ergebnisse bekommen:
All processes killed
========== OTL ==========
C:\ProgramData\ipjgsxkseyyphtr folder moved successfully.
C:\ProgramData\fjfnxkmxgrngiyf moved successfully.
File C:\ProgramData\fjfnxkmxgrngiyf not found.
C:\Users\Johanna\XrxWm.ini moved successfully.
C:\Users\Johanna\xw45cpdy.dyc moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Johanna
->Temp folder emptied: 2785286535 bytes
->Temporary Internet Files folder emptied: 140013550 bytes
->Java cache emptied: 10833004 bytes
->FireFox cache emptied: 74518337 bytes
->Google Chrome cache emptied: 141821754 bytes
->Flash cache emptied: 18700 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 132614830 bytes
RecycleBin emptied: 1080635861 bytes

Total Files Cleaned = 4.164,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10082012_145001

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



Malwarebytes:
Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.08.06

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Johanna :: JOHANNA-PC [Administrator]

Schutz: Deaktiviert

08.10.2012 18:05:47
mbam-log-2012-10-08 (18-05-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 220094
Laufzeit: 9 Minute(n), 24 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


ESET Online Scanner hat nichts gefunden und ich hatte auch nichts zum exportieren.


OTL:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 08.10.2012 22:44:10 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Johanna\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,79 Gb Available Physical Memory | 39,77% Memory free
4,21 Gb Paging File | 2,42 Gb Available in Paging File | 57,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,96 Gb Total Space | 4,20 Gb Free Space | 5,60% Space Free | Partition Type: NTFS
Drive E: | 72,62 Gb Total Space | 14,58 Gb Free Space | 20,07% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 1754,43 Gb Free Space | 94,17% Space Free | Partition Type: NTFS
 
Computer Name: JOHANNA-PC | User Name: Johanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Johanna\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Users\Johanna\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil11c_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Mail\WinMail.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Internet Explorer\ieuser.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
PRC - C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - c:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\1e33a9b2c58db182dd6c7d057ad49e4c\TCrdMain.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6bebfe5b7776c84cb38efdb2a7c9d447\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\415ef2ec8cbd9f3368da6ade10beae26\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c1498ba4652483d5adddd4c5d3927170\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\29d729043903b7b4b2ea695db220d866\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Windows\System32\ac3filter.acm ()
MOD - C:\Programme\Winamp\winampa.exe ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
MOD - C:\Programme\TOSHIBA\FlashCards\de\TCrdMain.resources.dll ()
MOD - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
MOD - C:\Windows\System32\igfxTMM.dll ()
MOD - C:\Programme\TOSHIBA\ConfigFree\NotifyCFF.dll ()
MOD - C:\Programme\IDM\Desktop SMS\oehook.dll ()
MOD - C:\Programme\TOSHIBA\TBS\NotifyTBS.dll ()
MOD - C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll ()
MOD - C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll ()
MOD - C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
MOD - C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe File not found
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_5891ae0.dll ()
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$AUTODESKVAULT) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (Autodesk Licensing Service) -- C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (C-DillaCdaC11BA) -- C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TosCoSrv) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA Bluetooth Service) -- c:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Tosrfcom) --  File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (GEARAspiWDM) -- System32\Drivers\GEARAspiWDM.sys File not found
DRV - (cpuz132) -- C:\Users\Johanna\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (CdaC15BA) -- C:\Windows\System32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (QIOMem) -- C:\Windows\System32\drivers\QIOMem.sys (TOSHIBA)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (iaNvStor) -- C:\Windows\System32\drivers\iaNvStor.sys (Intel Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (KR10N) -- C:\Windows\System32\drivers\KR10N.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\System32\drivers\KR10I.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GCNV_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.1&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Johanna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.02.01 19:32:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.07 15:30:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.02 12:21:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2009.07.09 18:33:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.08.31 19:41:30 | 000,000,000 | ---D | M]
 
[2011.07.02 12:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johanna\AppData\Roaming\mozilla\Extensions
[2012.10.06 11:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions
[2012.07.01 08:54:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.07.25 20:02:54 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.09.30 18:11:00 | 000,000,950 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin-1.xml
[2011.12.09 15:45:25 | 000,000,950 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin-2.xml
[2011.11.23 21:41:44 | 000,001,056 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin.xml
[2011.12.09 15:45:12 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.12.09 15:45:09 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.10.06 11:41:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.06 11:41:55 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.06 11:41:55 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.06 11:41:55 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.06 11:41:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.06 11:41:55 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: InoViewer Plugin (Enabled) = C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Johanna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe (Corel Corporation)
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Programme\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Johanna\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pampers Pregnancy Widget.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} hxxp://picasaweb.google.com/s/v/e/38.05/57go2Ejy5T0/uploader2.cab (UploadListView Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldde-de.cab (MSN Photo Upload Tool)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://www.video.rubotherm.de/activex/AMC.cab (AxisMediaControlEmb Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDFAFA5-1B4D-434A-9700-E1B7D90A5E0E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.02 18:22:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a1406d22-cebf-11dd-bd22-001b2448b9ad}\Shell\1\Command - "" = D:\.\recycled\info.exe
O33 - MountPoints2\{a1406d22-cebf-11dd-bd22-001b2448b9ad}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\.\recycled\info.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.08 18:36:10 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.08 18:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.08 18:04:36 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.08 18:02:14 | 010,524,080 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Johanna\Desktop\mbam-setup-1.65.0.1400.exe
[2012.10.08 14:50:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.08 13:19:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Johanna\Desktop\OTL.exe
[2012.10.08 12:41:25 | 000,000,000 | -HSD | C] -- C:\found.001
[2012.10.06 11:45:40 | 000,000,000 | ---D | C] -- C:\Users\Johanna\AppData\Roaming\Malwarebytes
[2012.10.06 11:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.06 11:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.08 22:51:05 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.08 21:50:58 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.08 21:50:58 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.08 18:49:38 | 000,686,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.08 18:49:38 | 000,643,612 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.08 18:49:38 | 000,150,994 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.08 18:49:38 | 000,122,800 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.08 18:04:42 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.08 18:02:22 | 010,524,080 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Johanna\Desktop\mbam-setup-1.65.0.1400.exe
[2012.10.08 15:51:16 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.08 15:50:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.08 15:50:43 | 2137,432,064 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.08 13:19:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Johanna\Desktop\OTL.exe
[2012.10.08 12:59:54 | 000,538,327 | ---- | M] () -- C:\Users\Johanna\Desktop\adwcleaner.exe
[2012.10.08 12:57:04 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.10.02 13:05:20 | 000,000,680 | ---- | M] () -- C:\Users\Johanna\AppData\Local\d3d9caps.dat
 
========== Files Created - No Company Name ==========
 
[2012.10.08 18:04:42 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.08 12:59:35 | 000,538,327 | ---- | C] () -- C:\Users\Johanna\Desktop\adwcleaner.exe
[2012.10.07 14:11:42 | 2137,432,064 | -HS- | C] () -- C:\hiberfil.sys
[2011.06.01 15:49:31 | 000,000,839 | ---- | C] () -- C:\Users\Johanna\.recently-used.xbel
[2010.12.14 21:38:17 | 000,038,791 | ---- | C] () -- C:\Program Files\https .pdf
[2009.07.18 19:38:27 | 000,000,174 | ---- | C] () -- C:\Users\Johanna\AppData\Roaming\default.rss
[2009.01.26 16:02:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.08.27 11:22:12 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008.06.11 21:42:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.04.04 22:39:32 | 000,000,680 | ---- | C] () -- C:\Users\Johanna\AppData\Local\d3d9caps.dat
[2008.04.04 10:00:17 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.12.15 00:39:18 | 000,026,340 | ---- | C] () -- C:\Users\Johanna\AppData\Roaming\UserTile.png
[2007.12.14 17:45:42 | 000,070,144 | ---- | C] () -- C:\Users\Johanna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.14 14:56:17 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\AppData\Roaming\mxfilerelatedcache.mxc2
[2007.12.14 14:56:17 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\AppData\Local\mxfilerelatedcache.mxc2
[2007.12.14 14:56:15 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\mxfilerelatedcache.mxc2
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 06:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.18 23:36:50 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2008.02.28 21:11:53 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Ansys
[2008.02.28 21:12:42 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Autodesk
[2008.06.29 00:58:39 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Bidgood Svcs
[2009.08.18 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Camfrog
[2009.07.21 19:54:29 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Canneverbe_Limited
[2011.10.08 20:36:00 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Canon
[2009.06.09 17:59:49 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\CoSoSys
[2007.12.14 23:15:02 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\DesktopSMS
[2012.07.07 09:52:24 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\GARMIN
[2010.12.16 16:24:45 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\gtk-2.0
[2012.02.16 21:17:21 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\ICQ
[2009.05.02 14:25:10 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\MAGIX
[2008.11.27 19:54:02 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\OpenOffice.org
[2009.01.26 16:19:52 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Samsung
[2008.09.10 15:15:48 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Thunderbird
[2009.04.07 13:26:35 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\WEB.DE
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:24051EFF

< End of report >
         
--- --- ---



Dann hoffe ich mal, dass nun alles OK ist. Mozilla startet immernoch nicht. Soll ich das deinstallieren und neu runterladen?

Vielen, vielen Dank schonmal.


Alt 09.10.2012, 11:00   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Jep, deinstallieren und neu installieren, dann ein frisches OTl log bitte.
__________________
--> Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht

Alt 09.10.2012, 12:05   #7
Pixidom
 
Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



So, hoffentlich geschafft... OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 09.10.2012 11:44:16 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Johanna\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 0,64 Gb Available Physical Memory | 32,35% Memory free
4,21 Gb Paging File | 2,47 Gb Available in Paging File | 58,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,96 Gb Total Space | 5,17 Gb Free Space | 6,89% Space Free | Partition Type: NTFS
Drive E: | 72,62 Gb Total Space | 14,89 Gb Free Space | 20,50% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 1754,43 Gb Free Space | 94,17% Space Free | Partition Type: NTFS
 
Computer Name: JOHANNA-PC | User Name: Johanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Johanna\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Users\Johanna\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
PRC - C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - c:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
PRC - C:\Programme\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\1e33a9b2c58db182dd6c7d057ad49e4c\TCrdMain.ni.exe ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6bebfe5b7776c84cb38efdb2a7c9d447\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\415ef2ec8cbd9f3368da6ade10beae26\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c1498ba4652483d5adddd4c5d3927170\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\29d729043903b7b4b2ea695db220d866\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll ()
MOD - C:\Windows\System32\ac3filter.acm ()
MOD - C:\Programme\Winamp\winampa.exe ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
MOD - C:\Programme\TOSHIBA\FlashCards\de\TCrdMain.resources.dll ()
MOD - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
MOD - C:\Windows\System32\igfxTMM.dll ()
MOD - C:\Programme\TOSHIBA\ConfigFree\NotifyCFF.dll ()
MOD - C:\Programme\TOSHIBA\TBS\NotifyTBS.dll ()
MOD - C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll ()
MOD - C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll ()
MOD - C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll ()
MOD - C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe File not found
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_5891ae0.dll ()
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (MSSQL$AUTODESKVAULT) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (Autodesk Licensing Service) -- C:\Programme\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (C-DillaCdaC11BA) -- C:\Windows\System32\drivers\CDAC11BA.EXE (Macrovision)
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (TosCoSrv) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (TOSHIBA Bluetooth Service) -- c:\Programme\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Tosrfcom) --  File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (GEARAspiWDM) -- System32\Drivers\GEARAspiWDM.sys File not found
DRV - (cpuz132) -- C:\Users\Johanna\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (winusb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (CdaC15BA) -- C:\Windows\System32\drivers\CDAC15BA.SYS (Macrovision Europe Ltd)
DRV - (CVPNDRVA) -- C:\Windows\System32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
DRV - (tos_sps32) -- C:\Windows\System32\drivers\tos_sps32.sys (TOSHIBA Corporation)
DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (QIOMem) -- C:\Windows\System32\drivers\QIOMem.sys (TOSHIBA)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (iaNvStor) -- C:\Windows\System32\drivers\iaNvStor.sys (Intel Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (DNE) -- C:\Windows\System32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (CVirtA) -- C:\Windows\System32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (KR10N) -- C:\Windows\System32\drivers\KR10N.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\System32\drivers\KR10I.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\System32\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GCNV_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.1&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Johanna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2008.02.01 19:32:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.09 11:37:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.02 12:21:01 | 000,000,000 | ---D | M]
 
[2011.07.02 12:28:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johanna\AppData\Roaming\mozilla\Extensions
[2012.10.06 11:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions
[2012.07.01 08:54:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.07.25 20:02:54 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Johanna\AppData\Roaming\mozilla\Firefox\Profiles\gwba7b7t.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.10.09 11:40:31 | 000,000,950 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin-1.xml
[2011.12.09 15:45:25 | 000,000,950 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin-2.xml
[2011.11.23 21:41:44 | 000,001,056 | ---- | M] () -- C:\Users\Johanna\AppData\Roaming\mozilla\firefox\profiles\gwba7b7t.default\searchplugins\icqplugin.xml
[2012.10.09 11:37:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: InoViewer Plugin (Enabled) = C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Johanna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Google Mail = C:\Users\Johanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe (Corel Corporation)
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Programme\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Johanna\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O4 - Startup: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Pampers Pregnancy Widget.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} hxxp://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} hxxp://picasaweb.google.com/s/v/e/38.05/57go2Ejy5T0/uploader2.cab (UploadListView Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} hxxp://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUpldde-de.cab (MSN Photo Upload Tool)
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} hxxp://www.eset.eu/buxus/docs/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} hxxp://as.photoprintit.de/ips-opdata/layout/default_cms01/activex/IPSUploader4.cab (IPSUploader4 Control)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://www.video.rubotherm.de/activex/AMC.cab (AxisMediaControlEmb Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDDFAFA5-1B4D-434A-9700-E1B7D90A5E0E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Johanna\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.02 18:22:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a1406d22-cebf-11dd-bd22-001b2448b9ad}\Shell\1\Command - "" = D:\.\recycled\info.exe
O33 - MountPoints2\{a1406d22-cebf-11dd-bd22-001b2448b9ad}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL D:\.\recycled\info.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.08 18:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.08 18:04:36 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.08 18:02:14 | 010,524,080 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Johanna\Desktop\mbam-setup-1.65.0.1400.exe
[2012.10.08 14:50:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.08 13:19:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Johanna\Desktop\OTL.exe
[2012.10.08 12:41:25 | 000,000,000 | -HSD | C] -- C:\found.001
[2012.10.06 11:45:40 | 000,000,000 | ---D | C] -- C:\Users\Johanna\AppData\Roaming\Malwarebytes
[2012.10.06 11:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.06 11:45:27 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.09 11:51:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.09 11:37:47 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.09 11:16:38 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.09 11:16:19 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 11:16:18 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.09 11:16:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.09 11:16:05 | 2137,432,064 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.08 18:49:38 | 000,686,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.08 18:49:38 | 000,643,612 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.08 18:49:38 | 000,150,994 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.08 18:49:38 | 000,122,800 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.08 18:04:42 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.08 18:02:22 | 010,524,080 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Johanna\Desktop\mbam-setup-1.65.0.1400.exe
[2012.10.08 13:19:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Johanna\Desktop\OTL.exe
[2012.10.08 12:59:54 | 000,538,327 | ---- | M] () -- C:\Users\Johanna\Desktop\adwcleaner.exe
[2012.10.08 12:57:04 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012.10.02 13:05:20 | 000,000,680 | ---- | M] () -- C:\Users\Johanna\AppData\Local\d3d9caps.dat
 
========== Files Created - No Company Name ==========
 
[2012.10.09 11:37:47 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.08 18:04:42 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.08 12:59:35 | 000,538,327 | ---- | C] () -- C:\Users\Johanna\Desktop\adwcleaner.exe
[2012.10.07 14:11:42 | 2137,432,064 | -HS- | C] () -- C:\hiberfil.sys
[2011.06.01 15:49:31 | 000,000,839 | ---- | C] () -- C:\Users\Johanna\.recently-used.xbel
[2010.12.14 21:38:17 | 000,038,791 | ---- | C] () -- C:\Program Files\https .pdf
[2009.07.18 19:38:27 | 000,000,174 | ---- | C] () -- C:\Users\Johanna\AppData\Roaming\default.rss
[2009.01.26 16:02:18 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.08.27 11:22:12 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008.06.11 21:42:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.04.04 22:39:32 | 000,000,680 | ---- | C] () -- C:\Users\Johanna\AppData\Local\d3d9caps.dat
[2008.04.04 10:00:17 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.12.15 00:39:18 | 000,026,340 | ---- | C] () -- C:\Users\Johanna\AppData\Roaming\UserTile.png
[2007.12.14 17:45:42 | 000,070,144 | ---- | C] () -- C:\Users\Johanna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.14 14:56:17 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\AppData\Roaming\mxfilerelatedcache.mxc2
[2007.12.14 14:56:17 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\AppData\Local\mxfilerelatedcache.mxc2
[2007.12.14 14:56:15 | 000,000,016 | -H-- | C] () -- C:\Users\Johanna\mxfilerelatedcache.mxc2
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 06:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.18 23:36:50 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2008.02.28 21:11:53 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Ansys
[2008.02.28 21:12:42 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Autodesk
[2008.06.29 00:58:39 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Bidgood Svcs
[2009.08.18 21:40:28 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Camfrog
[2009.07.21 19:54:29 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Canneverbe_Limited
[2011.10.08 20:36:00 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Canon
[2009.06.09 17:59:49 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\CoSoSys
[2007.12.14 23:15:02 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\DesktopSMS
[2012.07.07 09:52:24 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\GARMIN
[2010.12.16 16:24:45 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\gtk-2.0
[2009.05.02 14:25:10 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\MAGIX
[2008.11.27 19:54:02 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\OpenOffice.org
[2009.01.26 16:19:52 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Samsung
[2008.09.10 15:15:48 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\Thunderbird
[2009.04.07 13:26:35 | 000,000,000 | ---D | M] -- C:\Users\Johanna\AppData\Roaming\WEB.DE
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:24051EFF

< End of report >
         
--- --- ---

Alt 09.10.2012, 13:03   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Läuft Firefox jetzt?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.10.2012, 13:06   #9
Pixidom
 
Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Ja, läuft :-)

Der Rechner ist zwar immernoch nicht der schnellste, aber wahrscheinlich hab ich den mit unnötigen Sachen zugemüllt. Weiß meistens leider nicht, ob ich gewisse Sachen deinstallieren darf oder nicht.

Vielen Dank für deine Hilfe. Ihr macht hier einen super Job. Ohne die Hilfe hätte ich das Teil einfach in den Müll schmeißen können

Alt 09.10.2012, 13:19   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Standard

Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht



Dann sag mir einfach was Du nimmer brauchst/gern deinstallieren würdest, dann gehen wir die Liste durch .
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht
abgesicherten, anhang, bildschirm, ergebnis, folge, funktioniert, funktioniert nicht, gmer, hochfahren, installiert, internetseite, löschung, malware, meldung, modus, modzilla, nicht mehr, rechner, sachen, scan, seite, seite kann nicht angezeigt werden, sekunden, systemreparatur, taskmanager, weiße, windows



Ähnliche Themen: Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht


  1. Fehleranzeige in Windows 7 : " Diese Seite kann nicht angezeigt werden "
    Log-Analyse und Auswertung - 20.07.2014 (3)
  2. Mehrer Probleme Speichern von Dateien auf dem Desktop und Upps diese Seite kann nicht angezeigt werden in Firefox
    Log-Analyse und Auswertung - 01.06.2013 (1)
  3. Weißer Bildschirm, "Website kann nicht angezeigt werden
    Log-Analyse und Auswertung - 05.02.2013 (26)
  4. Weißer Bildschirm, "Diese Website kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 18.11.2012 (21)
  5. Weißer Bildschirm, "Diese Website kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 17.11.2012 (35)
  6. Trojaner Ransom-D / Weißer Bildschirm: "Diese Website kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 07.11.2012 (39)
  7. Weißer Bildschirm und Meldung "Seite kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 23.10.2012 (9)
  8. weißer bildschirm und diese website kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 16.10.2012 (16)
  9. Weißer Bildschirm, "Website kann nicht angezeigt werden", Conteneur ActiveX
    Plagegeister aller Art und deren Bekämpfung - 06.10.2012 (4)
  10. weißer bildschrim nach start, webseite kann nicht angezeigt werden, taskmanager zeigt sich nur kurz
    Plagegeister aller Art und deren Bekämpfung - 04.10.2012 (1)
  11. Win7 beim hochfahren ist der desktop blockiert mir einer seite, diese seite kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (1)
  12. Trojaner - "Diese Seite kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 21.09.2012 (8)
  13. weißer bildschirm, die Seite kann nicht angezeigt werden
    Plagegeister aller Art und deren Bekämpfung - 13.09.2012 (23)
  14. Weißer Bildschirm und Meldung " Webside kann nicht angezeigt werden"
    Log-Analyse und Auswertung - 14.08.2012 (12)
  15. fehlermeldung "diese webseite kann nicht angezeigt werden" bildschirm ist blockiert
    Log-Analyse und Auswertung - 14.08.2012 (3)
  16. "Diese Seite kann nicht angezeigt werden" / Desktop blockiert
    Log-Analyse und Auswertung - 09.04.2012 (5)
  17. IE6: "Diese Seite kann nicht angezeigt werden."
    Log-Analyse und Auswertung - 23.12.2006 (2)

Zum Thema Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht - Hallo, wie schon einige andere hier, hab ich mir auch was eingefangen... Wie schon in der Überschrift beschrieben, hatte ich einen weißen Bildschirm, mit der Meldung, dass die Internetseite nicht - Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht...
Archiv
Du betrachtest: Weißer Bildschirm: Diese Seite kann nicht angezeigt werden, Taskmanager funktioniert nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.