| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: pro shield 2.0 ProblemWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
09.09.2011, 20:02
| #1 |
| |  pro shield 2.0 Problem Hallo lieber Helfer in der Not, anbei die OTL Berichte. Hatte o.a.Trojaner und bin Anleitung aus dem Forum gefolgt. 1.Krill.. 2.malwareboard 3.otl und nun folgendes Ergebnis Was muß ich nun machen? Vielen Dank im Voraus OTL logfile created on: 09.09.2011 20:43:40 - Run 1 OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Ulrich\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,31% Memory free 4,23 Gb Paging File | 2,82 Gb Available in Paging File | 66,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 55,66 Gb Total Space | 11,12 Gb Free Space | 19,98% Space Free | Partition Type: NTFS Drive D: | 111,79 Gb Total Space | 44,17 Gb Free Space | 39,51% Space Free | Partition Type: NTFS Drive F: | 54,66 Gb Total Space | 54,21 Gb Free Space | 99,17% Space Free | Partition Type: NTFS Computer Name: ULRICH-PC | User Name: Ulrich | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.09.09 20:42:15 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Users\Ulrich\Downloads\OTL (1).exe PRC - [2011.08.17 13:15:28 | 000,534,880 | ---- | M] (Spigot, Inc.) -- C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe PRC - [2011.08.17 13:00:38 | 000,402,328 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe PRC - [2011.07.30 18:10:30 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.05.10 02:05:23 | 001,305,200 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\mshaktuell.exe PRC - [2011.03.31 18:10:58 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe PRC - [2010.12.10 19:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2010.12.10 19:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2010.08.13 14:04:34 | 000,408,936 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\WINWORD.EXE PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.19 09:33:37 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Mail\WinMail.exe PRC - [2007.06.18 10:51:10 | 001,507,328 | ---- | M] (Interactive Digital Media) -- C:\Programme\IDM\Desktop SMS\DesktopSMS.exe PRC - [2007.06.13 07:11:00 | 004,489,216 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2007.06.07 13:30:40 | 000,192,512 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynToshiba.exe PRC - [2007.05.23 15:57:12 | 000,509,496 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe PRC - [2007.05.22 16:32:00 | 000,538,744 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe PRC - [2007.05.17 20:12:30 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2007.05.17 16:03:24 | 004,813,312 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe PRC - [2007.04.12 06:00:00 | 000,182,272 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE PRC - [2007.04.10 16:40:28 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe PRC - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2007.03.29 10:39:00 | 000,411,192 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe PRC - [2007.02.19 16:00:26 | 000,571,024 | ---- | M] (Toshiba) -- C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe PRC - [2007.02.12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.02.12 14:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2006.11.14 22:02:36 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe PRC - [2006.11.14 21:19:42 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe PRC - [2006.11.14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2006.11.13 10:29:40 | 000,413,696 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe PRC - [2006.11.06 17:14:44 | 000,034,352 | ---- | M] () -- C:\Programme\TOSHIBA\Utilities\KeNotify.exe PRC - [2006.10.05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006.05.25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2005.07.22 09:22:22 | 000,126,976 | ---- | M] (T-Com Bereich Endgeräte) -- C:\Programme\OnlineControl\ocontrol.exe ========== Modules (No Company Name) ========== MOD - [2011.08.23 09:24:07 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6a38f370d4e68b65106d1065d0b77067\PresentationFramework.Aero.ni.dll MOD - [2011.08.23 09:23:34 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4117485024b0f652b9fbb66ff5025896\System.Management.ni.dll MOD - [2011.08.23 09:21:41 | 011,804,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5aa9131000876de66160ff713b543d99\System.Web.ni.dll MOD - [2011.08.23 09:21:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a6d889aa69fd51c100352f23c7cebd22\System.Runtime.Remoting.ni.dll MOD - [2011.08.23 09:21:15 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c50d9d540acecdef29c31201e203a331\System.Windows.Forms.ni.dll MOD - [2011.08.23 09:21:06 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d8d83838f9840bde901df516ba3de588\System.Drawing.ni.dll MOD - [2011.08.23 09:21:02 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c2daa43beba8ce3aa05fc12457fdc3d0\PresentationFramework.ni.dll MOD - [2011.08.23 09:20:44 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9c51a39fddbefe0bc1a6c944b1dcb4c4\PresentationCore.ni.dll MOD - [2011.08.23 09:20:30 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9afe86eee3ddf79c5f6cf5d85873c464\WindowsBase.ni.dll MOD - [2011.08.23 09:20:26 | 000,519,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\3cb26fd553d96eef37800935d0c71293\TCrdMain.ni.exe MOD - [2011.08.23 09:20:14 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\4c3cda96b8f12220da20f2f8d1b9439c\System.Xml.ni.dll MOD - [2011.08.23 09:20:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29c6ef7f07d89496c72a1bbf718aed5d\System.Configuration.ni.dll MOD - [2011.08.23 09:18:30 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b9ea0d414c4861120bfb7365d8ec0939\System.ni.dll MOD - [2011.08.23 09:18:24 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f6deb187f24bb3185841092b89fbfdbb\mscorlib.ni.dll MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.05.10 11:35:08 | 001,715,712 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\wfvie11.dll MOD - [2011.05.10 11:34:24 | 007,739,904 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\wgui11.dll MOD - [2011.05.10 11:33:49 | 000,007,168 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\rscorewinapi47.dll MOD - [2011.05.10 02:44:58 | 004,058,112 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\wstyle11.dll MOD - [2011.05.10 02:44:51 | 024,962,048 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\wstyle111.dll MOD - [2011.05.10 02:43:17 | 004,211,712 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\wauff11.dll MOD - [2011.05.10 02:05:23 | 001,305,200 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\mshaktuell.exe MOD - [2011.05.10 01:53:16 | 001,342,464 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\wreli11.dll MOD - [2011.05.10 01:51:26 | 000,130,048 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\rsodbc47.dll MOD - [2011.05.10 01:51:16 | 000,028,672 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\rsdcom47.dll MOD - [2011.05.10 01:36:20 | 003,095,552 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\wcore11.dll MOD - [2011.05.10 01:31:17 | 001,357,824 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\wsteu11.dll MOD - [2011.05.10 01:29:03 | 000,312,832 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\rsguiwinapi47.dll MOD - [2011.03.21 13:49:42 | 000,701,952 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qtsqlrs47.dll MOD - [2011.02.01 10:17:40 | 000,357,376 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qtxmlrs47.dll MOD - [2011.02.01 10:17:19 | 011,162,624 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qtwebkitrs47.dll MOD - [2011.02.01 10:17:18 | 000,280,576 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qtsvgrs47.dll MOD - [2011.02.01 10:17:18 | 000,096,256 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qttestrs47.dll MOD - [2011.02.01 10:17:17 | 001,329,152 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qtscriptrs47.dll MOD - [2011.02.01 10:17:16 | 000,925,696 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qtnetworkrs47.dll MOD - [2011.02.01 10:17:13 | 008,854,016 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qtguirs47.dll MOD - [2011.02.01 10:17:10 | 002,394,112 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qt3supportrs47.dll MOD - [2011.02.01 10:17:10 | 002,341,376 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\qtcorers47.dll MOD - [2011.02.01 10:17:09 | 000,271,360 | ---- | M] () -- C:\Programme\WISO\Steuersoftware 2011\phononrs47.dll MOD - [2010.09.19 12:59:51 | 000,233,472 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2728.28895__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2010.09.19 12:59:51 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2728.28951__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2010.09.19 12:59:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2728.28930__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2010.09.19 12:59:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2728.28950__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll MOD - [2010.09.19 12:59:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2728.28915__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. dll MOD - [2010.09.19 12:59:50 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2728.28937__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dl l MOD - [2010.09.19 12:59:50 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2728.29192__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2010.09.19 12:59:50 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2728.29164__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2010.09.19 12:59:50 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2728.29157__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2010.09.19 12:59:50 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2728.29115__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2010.09.19 12:59:50 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2728.29051__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dl l MOD - [2010.09.19 12:59:30 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2728.29124__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:30 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2728.29185__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard. dll MOD - [2010.09.19 12:59:30 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2728.29198__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:30 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2728.29131__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2010.09.19 12:59:30 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2728.28909__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:30 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2728.29123__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2010.09.19 12:59:29 | 000,917,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2728.29159__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:29 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2728.29061__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:29 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2728.28964__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.dll MOD - [2010.09.19 12:59:29 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2728.29052__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:29 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2728.28916__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.dll MOD - [2010.09.19 12:59:29 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2728.29145__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2010.09.19 12:59:29 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2728.29102__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:29 | 000,323,584 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2728.29044__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:29 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2728.28971__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2010.09.19 12:59:29 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2728.28957__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2010.09.19 12:59:29 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2728.29082__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.dll MOD - [2010.09.19 12:59:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2728.29051__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2010.09.19 12:59:29 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2728.29059__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2010.09.19 12:59:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2728.29184__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2010.09.19 12:59:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2728.28970__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. dll MOD - [2010.09.19 12:59:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2728.29059__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2010.09.19 12:59:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2728.29081__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. dll MOD - [2010.09.19 12:59:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2728.29102__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2010.09.19 12:59:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2665.42187__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2010.09.19 12:59:28 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2665.42152__90ba9c70f846762e\CLI.Foundation.dll MOD - [2010.09.19 12:59:28 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2665.42162__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2010.09.19 12:59:28 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2010.09.19 12:59:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2665.42149__90ba9c70f846762e\LOG.Foundation.dll MOD - [2010.09.19 12:59:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2665.42240__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2010.09.19 12:59:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2665.42151__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2010.09.19 12:59:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2665.42178__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2010.09.19 12:59:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2665.42166__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2010.09.19 12:59:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2665.42161__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2010.09.19 12:59:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2665.42156__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2010.09.19 12:59:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2665.42157__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2665.42168__90ba9c70f846762e\MOM.Foundation.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2665.42177__90ba9c70f846762e\DEM.OS.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2665.42179__90ba9c70f846762e\DEM.Graphics.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2665.42164__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2665.42181__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2665.42180__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2665.42196__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2665.42166__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2010.09.19 12:59:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2665.42196__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2010.09.19 12:59:28 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2010.09.19 12:59:27 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2665.42187__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2665.42182__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2665.42186__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2665.42198__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2665.42184__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2665.42186__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2665.42184__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2665.42182__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dl l MOD - [2010.09.19 12:59:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2665.42167__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2665.42180__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2665.42197__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2010.09.19 12:59:27 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2665.42185__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dl l MOD - [2010.09.19 12:59:27 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2665.42181__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dl l MOD - [2010.09.19 12:59:26 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2665.42184__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2010.09.19 12:59:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2665.42166__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2010.09.19 12:59:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2665.42187__90ba9c70f846762e\APM.Foundation.dll MOD - [2010.09.19 12:59:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2665.42150__90ba9c70f846762e\AEM.Foundation.dll MOD - [2010.09.19 12:59:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2010.09.19 12:59:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2665.42160__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2010.09.19 12:59:22 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2728.29169_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2010.09.19 12:59:21 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2728.28924__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2010.09.19 12:59:21 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2728.29178__90ba9c70f846762e\MOM.Implementation.dll MOD - [2010.09.19 12:59:21 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2728.29176__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2010.09.19 12:59:21 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2728.29220__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2010.09.19 12:59:21 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2665.42158__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2010.09.19 12:59:21 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2665.42196__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2010.09.19 12:59:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2665.42169__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2010.09.19 12:59:21 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2665.42154__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2010.09.19 12:59:21 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2728.28892__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2010.09.19 12:59:20 | 001,503,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2728.28903__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2010.09.19 12:59:20 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2728.29169__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2010.09.19 12:59:20 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2728.28894__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2010.09.19 12:59:20 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2728.28894__90ba9c70f846762e\ATIDEMOS.dll MOD - [2010.09.19 12:59:20 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2728.28893__90ba9c70f846762e\AEM.Server.dll MOD - [2010.09.19 12:59:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2665.42165__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2010.09.19 12:59:20 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2665.42160__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2010.09.19 12:59:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2728.29177__90ba9c70f846762e\CCC.Implementation.dll MOD - [2010.09.19 12:59:20 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010.09.19 12:59:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2665.42167__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2010.09.19 12:59:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2665.42188__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2010.08.16 00:08:44 | 000,094,208 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.03.30 06:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.02.14 06:04:38 | 000,756,040 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL MOD - [2007.06.21 11:27:32 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2007.05.31 16:38:22 | 000,958,464 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\de\TCrdMain.resources.dll MOD - [2007.05.31 10:12:32 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2007.05.17 16:03:24 | 004,813,312 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe MOD - [2007.04.23 10:38:08 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\ConfigFree\NotifyCFF.dll MOD - [2007.01.18 09:30:00 | 000,094,208 | ---- | M] () -- C:\Programme\IDM\Desktop SMS\oehook.dll MOD - [2006.12.01 18:55:42 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\TBS\NotifyTBS.dll MOD - [2006.11.09 18:27:06 | 000,090,112 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll MOD - [2006.11.08 19:08:30 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll MOD - [2006.11.06 17:14:44 | 000,034,352 | ---- | M] () -- C:\Programme\TOSHIBA\Utilities\KeNotify.exe MOD - [2006.10.10 11:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll MOD - [2006.10.07 12:57:04 | 000,053,248 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (TOSHIBA Bluetooth Service) SRV - [2011.08.17 13:00:38 | 000,402,328 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.02.17 15:33:32 | 000,420,520 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService) SRV - [2010.12.08 22:31:11 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.11.02 16:35:57 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.11.02 16:35:56 | 000,539,304 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService) SRV - [2010.11.02 16:35:56 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007.05.17 20:12:30 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007.02.12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2006.11.14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2006.10.05 13:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006.05.25 19:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010.12.20 20:49:32 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.11.22 12:32:40 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.11.02 16:35:57 | 000,102,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avfwot.sys -- (avfwot) DRV - [2010.10.02 18:21:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2010.10.02 18:21:25 | 000,079,432 | ---- | M] (Avira GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avfwim.sys -- (avfwim) DRV - [2008.11.17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R) DRV - [2007.06.21 11:36:32 | 002,600,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2007.04.30 07:42:14 | 000,081,408 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007.04.27 20:13:58 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32) DRV - [2007.04.26 22:09:38 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2007.04.16 10:19:10 | 000,011,776 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007.03.06 15:01:04 | 000,014,848 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\CplIR.SYS -- (CplIR) DRV - [2007.01.24 14:44:06 | 000,290,304 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21) DRV - [2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N) DRV - [2007.01.18 16:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I) DRV - [2006.11.28 16:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006.11.02 09:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2006.10.18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2006.10.05 22:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2006.07.28 16:25:26 | 000,019,456 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\LPCFilter.sys -- (LPCFilter) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/ [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.meer-harmonie.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.startup.homepage: "www.meer-harmonie.de" FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.4 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.4 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=" FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=302398&p=" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.09 20:17:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.09 20:17:04 | 000,000,000 | ---D | M] [2010.09.26 21:08:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ulrich\AppData\Roaming\mozilla\Extensions [2011.05.12 20:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ulrich\AppData\Roaming\mozilla\Firefox\Profiles\sd7mga8m.default\extensions [2010.09.26 21:27:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ulrich\AppData\Roaming\mozilla\Firefox\Profiles\sd7mga8m.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.09.09 20:43:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.09.09 20:43:09 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM [2011.09.09 20:43:09 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES\PDFFORGE TOOLBAR\FF [2011.07.15 19:51:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.05.12 20:32:48 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.05.12 20:32:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011.05.12 20:32:48 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2011.05.12 20:32:48 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2011.05.12 20:32:48 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2011.05.12 20:32:48 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll (Spigot, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media) O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [HWSetup] File not found O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA) O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba) O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [EPSON Stylus DX8400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [TOSCDSPD] File not found O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Ulrich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5fe56016da.dat () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2A946F5-2F06-4049-9C89-C31C25B7772F}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found O24 - Desktop WallPaper: D:\Ute\Meer Harmonie\Bilder\Bilder\Coralie\Eingangstor\CIMG3869.JPG O24 - Desktop BackupWallPaper: D:\Ute\Meer Harmonie\Bilder\Bilder\Coralie\Eingangstor\CIMG3869.JPG O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{79903335-99b8-11e0-bf15-001b383ec2bd}\Shell - "" = AutoRun O33 - MountPoints2\{79903335-99b8-11e0-bf15-001b383ec2bd}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.09.09 20:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar [2011.09.09 20:43:09 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater [2011.09.09 20:15:22 | 000,000,000 | ---D | C] -- C:\Users\Ulrich\AppData\Roaming\Malwarebytes [2011.09.09 20:15:16 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.09.09 20:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.09.09 20:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.09.09 20:15:12 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.09.09 20:15:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.09.09 14:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011.09.09 14:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2011.09.08 21:18:55 | 000,000,000 | ---D | C] -- C:\ProgramData\oP19600JpGaF19600 [2011.08.28 14:53:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2011.08.11 15:30:10 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.08.11 15:30:09 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.08.11 15:30:08 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2011.08.11 15:30:08 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.08.11 15:30:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2011.08.10 20:47:37 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2011.08.10 20:47:13 | 003,602,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2011.08.10 20:47:13 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Ulrich\AppData\Local\*.tmp files -> C:\Users\Ulrich\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.09.09 20:37:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.09.09 20:37:29 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.09.09 20:37:28 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.09.09 20:37:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.09.09 20:37:12 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys [2011.09.09 20:11:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.09.03 16:32:38 | 000,689,472 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.09.03 16:32:38 | 000,645,858 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.09.03 16:32:38 | 000,151,046 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.09.03 16:32:38 | 000,122,686 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.09.02 17:23:07 | 000,061,440 | ---- | M] () -- C:\Users\Ulrich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Ulrich\AppData\Local\*.tmp files -> C:\Users\Ulrich\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.08.02 20:53:48 | 000,000,000 | ---- | C] () -- C:\Users\Ulrich\AppData\Local\{B9348163-8218-47EF-A8AE-D5D041C781C5} [2011.07.02 21:05:20 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2 [2011.06.03 17:13:57 | 000,000,000 | ---- | C] () -- C:\Users\Ulrich\AppData\Local\{D191FB15-D7CB-4A07-A139-21BD54FFA011} [2011.05.18 20:10:07 | 000,000,000 | ---- | C] () -- C:\Users\Ulrich\AppData\Local\{33A4229B-8664-4812-9347-64A0654C3351} [2011.03.11 23:06:50 | 000,024,206 | ---- | C] () -- C:\Users\Ulrich\AppData\Roaming\UserTile.png [2010.11.18 20:05:25 | 000,000,583 | ---- | C] () -- C:\Windows\wiso.ini [2010.10.24 20:21:54 | 000,000,016 | -H-- | C] () -- C:\Users\Ulrich\AppData\Roaming\mxfilerelatedcache.mxc2 [2010.10.24 20:21:36 | 000,000,016 | -H-- | C] () -- C:\Users\Ulrich\AppData\Local\mxfilerelatedcache.mxc2 [2010.10.09 10:24:46 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2010.09.29 10:48:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2010.09.28 18:11:38 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2010.09.28 18:11:38 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2010.09.20 19:43:51 | 000,061,440 | ---- | C] () -- C:\Users\Ulrich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.07.12 21:33:09 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat [2007.07.12 21:33:09 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat [2007.07.12 21:33:09 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat [2007.07.12 21:33:09 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat [2007.07.12 10:54:33 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2007.07.12 10:54:33 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007.07.12 10:54:32 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2007.07.12 10:45:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2007.07.12 10:45:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2007.07.12 10:45:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2007.07.12 10:45:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2007.07.12 10:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll [2007.04.16 08:35:21 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007.04.16 08:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2007.04.16 07:26:26 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini [2007.04.16 07:26:26 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2007.04.16 07:26:26 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2007.04.16 07:26:26 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2007.04.16 07:23:35 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007.04.16 06:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll [2006.12.05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2006.11.02 17:33:31 | 000,689,472 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,151,046 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,397,344 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,645,858 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,122,686 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005.11.23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll [2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll ========== Custom Scans ========== < Malwarebytes' Anti-Malware 1.51.1.1800 > < www.malwarebytes.org > < > < Datenbank Version: 7685 > < > < Windows 6.0.6002 Service Pack 2 > < Internet Explorer 9.0.8112.16421 > < > < 09.09.2011 20:28:20 > < mbam-log-2011-09-09 (20-28-20).txt > < > < Art des Suchlaufs: Quick-Scan > < Durchsuchte Objekte: 171912 > < Laufzeit: 9 Minute(n), 49 Sekunde(n) > < > < Infizierte Speicherprozesse: 0 > < Infizierte Speichermodule: 0 > < Infizierte Registrierungsschlüssel: 0 > < Infizierte Registrierungswerte: 1 > < Infizierte Dateiobjekte der Registrierung: 0 > < Infizierte Verzeichnisse: 0 > < Infizierte Dateien: 14 > < > < Infizierte Speicherprozesse: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Speichermodule: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Registrierungsschlüssel: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Registrierungswerte: > < HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\oP19600JpGaF19600 (Trojan.FakeAlert) -> Value: oP19600JpGaF19600 -> Quarantined and deleted successfully. > < > < Infizierte Dateiobjekte der Registrierung: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Verzeichnisse: > < (Keine bösartigen Objekte gefunden) > < > < Infizierte Dateien: > < c:\programdata\op19600jpgaf19600\op19600jpgaf19600.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\dxdiag.exe (Trojan.Agent) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\2B27.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup1470639808.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup1475315392.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup1688441536.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\a120B.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup2430198464.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup2494784192.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup2851527360.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup3186007744.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup3920197312.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\AppData\Local\Temp\setup765697728.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. > < c:\Users\Ulrich\downloads\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully. > < End of report > OTL Extras logfile created on: 09.09.2011 20:43:40 - Run 1 OTL by OldTimer - Version 3.2.27.0 Folder = C:\Users\Ulrich\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 0,95 Gb Available Physical Memory | 47,31% Memory free 4,23 Gb Paging File | 2,82 Gb Available in Paging File | 66,76% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 55,66 Gb Total Space | 11,12 Gb Free Space | 19,98% Space Free | Partition Type: NTFS Drive D: | 111,79 Gb Total Space | 44,17 Gb Free Space | 39,51% Space Free | Partition Type: NTFS Drive F: | 54,66 Gb Total Space | 54,21 Gb Free Space | 99,17% Space Free | Partition Type: NTFS Computer Name: ULRICH-PC | User Name: Ulrich | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "UacDisableNotify" = 1 "InternetSettingsDisableNotify" = 1 "AutoUpdateDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1935556453-4032002373-916732805-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02BBC902-D897-42F7-81D5-7A286AA053F5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{1020C9D5-794A-4F63-9C65-1832D37D866E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{1EE50B3F-5DF0-49C7-B61B-2E981B0D3FA8}" = rport=138 | protocol=17 | dir=out | app=system | "{2E81724F-7C1B-4DD3-890B-6D152D080657}" = rport=445 | protocol=6 | dir=out | app=system | "{52FE1A5C-FD5C-4223-B297-0C4AF6CD0E35}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{616CA45C-9752-4D02-B964-9C394DA1F205}" = lport=445 | protocol=6 | dir=in | app=system | "{75B4478A-336B-4BD6-9F73-6215C7E8C402}" = lport=137 | protocol=17 | dir=in | app=system | "{839EDA7D-F5C7-4F3A-B69D-EE6FFEE31E49}" = rport=139 | protocol=6 | dir=out | app=system | "{DBD2ED76-D841-4F7C-98D9-0049C2FE9C76}" = lport=138 | protocol=17 | dir=in | app=system | "{E1334F0F-BE5B-4831-B1C3-6A59450AFB2F}" = lport=139 | protocol=6 | dir=in | app=system | "{F7A52DC9-163C-4325-996A-17FB1E0A5AA2}" = rport=137 | protocol=17 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{039BBDBD-2A0A-46FB-9DE8-E147F96AC827}" = dir=in | app=c:\program files\itunes\itunes.exe | "{3BC3FE34-3FD3-44DE-842E-081E369AFE45}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5E45A915-9CB0-4C55-8205-8BE3E25F549B}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{910E557E-8BF2-4EE7-B017-66271682BE92}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{977ED857-A413-4267-B002-7CAE5F38C0DB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{ABAC1801-13FC-4A58-884A-6A91C47A1FA7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C879F19E-F1E0-4ED3-836C-85B6BF37A12D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DCE09FA5-DFB1-462F-9804-D6C4FD8EB391}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00004EE8-1E8B-BB10-6588-07DF0D120F6B}" = CCC Help Korean "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{02E107FC-1861-FC4A-E80F-07DA9DC5808C}" = Catalyst Control Center Graphics Previews Vista "{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011 "{03C55715-3545-2DF8-8C64-2BB877955150}" = Catalyst Control Center Localization Chinese Traditional "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0755396F-D048-8CDD-6AC3-C7C83A6869B5}" = CCC Help Czech "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{08B7B1F9-A8EB-7632-FFC3-04AB5328143B}" = CCC Help Chinese Standard "{09F52B2B-8B36-130C-5EBD-6E5FFC5FA0B7}" = CCC Help English "{0E1C53DA-DF86-845A-7BEB-14C4A8E0B150}" = Catalyst Control Center Localization Korean "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool "{15B924BC-AEB2-7E31-F414-1FC7B385846A}" = CCC Help Greek "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20CFE038-F4CE-0716-DCA0-04BBD67FE5EA}" = CCC Help Turkish "{2126F5BB-AB90-083F-7AA8-A29D73819DAA}" = CCC Help French "{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26E6EA50-532C-8CF3-5EB4-8C8D306EAB58}" = Catalyst Control Center Localization Polish "{27CD3616-D3B0-834C-89A3-4FC5CEE7374D}" = Catalyst Control Center Graphics Full Existing "{28912B61-0265-3C33-7EC7-14345AC76E3D}" = CCC Help Hungarian "{2D06C1FE-8454-5663-D0E9-1C130FD96446}" = Catalyst Control Center Localization Norwegian "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{30F9E15A-EE25-6D32-62CE-2E6BEAED3766}" = CCC Help Italian "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6 "{342A19C7-3335-C02F-F1DD-3A0B49C3D047}" = Catalyst Control Center Localization Greek "{34EF4F67-A3CE-DAB6-FA06-7C4C59A0D462}" = Catalyst Control Center Localization Swedish "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3CE22BE4-E2D3-F0E8-1C52-1B5A5F97B876}" = Catalyst Control Center Localization Turkish "{400F4990-B111-109A-6B08-E80CB42651AA}" = Catalyst Control Center Localization Danish "{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager "{44479884-EB6D-38DA-1D3E-835625E40F7E}" = Catalyst Control Center Graphics Previews Common "{480CA9F1-17E2-0B15-9684-511C0A083F92}" = Catalyst Control Center Localization Thai "{4F31172C-2692-BB28-8F5B-86474CEC5D33}" = Catalyst Control Center Localization Chinese Standard "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{54AAFB71-6DCB-32EB-8F91-DA7643497ED4}" = Catalyst Control Center Localization Spanish "{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS "{5D1CB0EC-0CA2-B4FD-2A10-2503A3CF7E46}" = Catalyst Control Center Localization Italian "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{5EFE618D-0100-6DE7-9894-5FD057103871}" = Catalyst Control Center Core Implementation "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "{63D10FBD-5667-DAD9-0B31-CED873B3F7EF}" = Catalyst Control Center Graphics Light "{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree "{7936153F-8D09-BC11-6DC4-1D4DEAB9D680}" = CCC Help Thai "{816B8A02-76F0-AE47-E28F-0AD114CC261E}" = CCC Help Polish "{82AB4F83-BBBA-8F04-EE34-11F74E39A4B6}" = Catalyst Control Center Localization German "{86158699-F584-0DC9-119D-C5A6591090FB}" = CCC Help Chinese Traditional "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_SMALLBUSINESSR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007 "{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{920E3F1A-0B73-807D-EE0E-E6D89D4E5DDE}" = Catalyst Control Center Localization Dutch "{985AF15E-776F-3CDD-EB92-2DAFF02697FB}" = Skins "{98CE747E-4948-10B0-BBF0-5981A11114D1}" = Catalyst Control Center Localization Hungarian "{99F54171-AE4A-579B-1544-5870478FC8F7}" = Catalyst Control Center Graphics Full New "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A1BAD23B-748C-50FD-CCA9-956C3F54D138}" = CCC Help German "{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{ABD82299-8034-4B44-4FDB-3F8971C20575}" = CCC Help Finnish "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch "{ACE07E37-A416-9A6B-D352-C776FFA49493}" = CCC Help Spanish "{B2AEC44B-F926-773D-D028-77CADEF8D9D3}" = CCC Help Norwegian "{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth "{B537ACDB-7C56-83B6-034C-A5AF6400F789}" = CCC Help Swedish "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B8AB4511-EECC-9299-45B3-F25F4774F6F2}" = CCC Help Russian "{BD75C1A0-F0ED-B54A-B49C-3244B47BA803}" = ccc-utility "{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support "{C6317675-96CC-D2AE-40F2-698F3DED64B4}" = CCC Help Portuguese "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes "{C7FAEA9E-A14C-D8C9-EEE9-8D43F9E09565}" = Catalyst Control Center Localization Czech "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CC35C434-FFC8-BDD8-44F0-ED0972484C56}" = CCC Help Dutch "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour "{D646CA8B-5227-1598-5E9C-132B2D89A38D}" = Catalyst Control Center Localization Japanese "{D8E302CB-8517-3E9B-C6C9-E90A21C6EFC5}" = CCC Help Danish "{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E6098043-1183-4580-89EF-423CBF807188}" = pdfforge Toolbar v4.6 "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities "{F0BB634D-B374-A329-EE5D-22C279F92A7F}" = ccc-core-static "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1C1426C-6670-4068-6398-EB490D45979F}" = Catalyst Control Center Localization Portuguese "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8B5B814-A3BF-F83F-09ED-AED9EE88211A}" = Catalyst Control Center Localization French "{F927176F-F8F0-FACF-A57E-4F95714B6F00}" = Catalyst Control Center Localization Russian "{FA7BB878-FC13-7548-13D3-18A53381014D}" = CCC Help Japanese "{FB56EE4D-7CBC-6FDC-E336-52BD269E4CF6}" = Catalyst Control Center Localization Finnish "{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira Premium Security Suite "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX "CameraWindowLauncher" = Canon Utilities CameraWindow "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Canon MOV Decoder" = Canon MOV Decoder "Canon RAW Codec" = Canon RAW Codec "CCleaner" = CCleaner "DPP" = Canon Utilities Digital Photo Professional 3.9 "EOS Utility" = Canon Utilities EOS Utility "EPSON Printer and Utilities" = EPSON-Drucker-Software "EPSON Scanner" = EPSON Scan "FileZilla Client" = FileZilla Client 3.3.4.1 "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) "InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort "InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "InstallShield_{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver "InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D) "MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de) "MyCamera" = Canon Utilities MyCamera "myphotobook" = myphotobook 3.1 "OnlineControl_is1" = OnlineControl 1.2 "Original Data Security Tools" = Canon Utilities Original Data Security Tools "PhotoStitch" = Canon Utilities PhotoStitch "Picasa 3" = Picasa 3 "Picture Style Editor" = Canon Utilities Picture Style Editor "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX "SMALLBUSINESSR" = Microsoft Office Small Business 2007 "SynTPDeinstKey" = Synaptics Pointing Device Driver "TOSHIBA Software Modem" = TOSHIBA Software Modem "WFTK" = Canon Utilities WFT-E1/E2/E3/E4 Utility "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 09.09.2011 09:23:26 | Computer Name = Ulrich-PC | Source = EventSystem | ID = 4621 Description = Error - 09.09.2011 09:26:01 | Computer Name = Ulrich-PC | Source = Avira AntiVir | ID = 4122 Description = Die Datei AVPREF.DLL konnte nicht geladen werden. Fehlercode: 0x45a Error - 09.09.2011 09:26:02 | Computer Name = Ulrich-PC | Source = Avira Firewall | ID = 0 Description = Ungültige Lizenz Error - 09.09.2011 09:26:04 | Computer Name = Ulrich-PC | Source = MSSQL$MSSMLBIZ | ID = 9003 Description = Die Protokollscannummer (518:360:1), die an den Protokollscan in der 'master'-Datenbank übergeben wurde, ist ungültig. Dieser Fehler kann darauf hinweisen, dass Daten beschädigt sind oder dass die Protokolldatei (LDF) nicht mit der Datendatei (MDF) übereinstimmt. Falls dieser Fehler während der Replikation aufgetreten ist, müssen Sie die Publikation neu erstellen. Andernfalls stellen Sie die Datenbank von einer Sicherung wieder her, falls das Problem zu einem Fehler beim Starten führt. Error - 09.09.2011 13:41:55 | Computer Name = Ulrich-PC | Source = Avira AntiVir | ID = 4122 Description = Die Datei AVPREF.DLL konnte nicht geladen werden. Fehlercode: 0x45a Error - 09.09.2011 13:41:55 | Computer Name = Ulrich-PC | Source = Avira Firewall | ID = 0 Description = Ungültige Lizenz Error - 09.09.2011 13:42:05 | Computer Name = Ulrich-PC | Source = MSSQL$MSSMLBIZ | ID = 9003 Description = Die Protokollscannummer (518:360:1), die an den Protokollscan in der 'master'-Datenbank übergeben wurde, ist ungültig. Dieser Fehler kann darauf hinweisen, dass Daten beschädigt sind oder dass die Protokolldatei (LDF) nicht mit der Datendatei (MDF) übereinstimmt. Falls dieser Fehler während der Replikation aufgetreten ist, müssen Sie die Publikation neu erstellen. Andernfalls stellen Sie die Datenbank von einer Sicherung wieder her, falls das Problem zu einem Fehler beim Starten führt. Error - 09.09.2011 14:37:39 | Computer Name = Ulrich-PC | Source = Avira Firewall | ID = 0 Description = Ungültige Lizenz Error - 09.09.2011 14:37:39 | Computer Name = Ulrich-PC | Source = Avira AntiVir | ID = 4122 Description = Die Datei AVPREF.DLL konnte nicht geladen werden. Fehlercode: 0x45a Error - 09.09.2011 14:37:41 | Computer Name = Ulrich-PC | Source = MSSQL$MSSMLBIZ | ID = 9003 Description = Die Protokollscannummer (518:360:1), die an den Protokollscan in der 'master'-Datenbank übergeben wurde, ist ungültig. Dieser Fehler kann darauf hinweisen, dass Daten beschädigt sind oder dass die Protokolldatei (LDF) nicht mit der Datendatei (MDF) übereinstimmt. Falls dieser Fehler während der Replikation aufgetreten ist, müssen Sie die Publikation neu erstellen. Andernfalls stellen Sie die Datenbank von einer Sicherung wieder her, falls das Problem zu einem Fehler beim Starten führt. [ OSession Events ] Error - 19.09.2010 13:24:02 | Computer Name = Ulrich-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 284 seconds with 240 seconds of active time. This session ended with a crash. Error - 19.09.2010 15:33:38 | Computer Name = Ulrich-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 82 seconds with 60 seconds of active time. This session ended with a crash. Error - 29.09.2010 15:29:54 | Computer Name = Ulrich-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 92 seconds with 60 seconds of active time. This session ended with a crash. Error - 08.03.2011 18:27:23 | Computer Name = Ulrich-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6546.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash. Error - 22.03.2011 15:44:09 | Computer Name = Ulrich-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 25 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 09.09.2011 13:43:17 | Computer Name = Ulrich-PC | Source = Service Control Manager | ID = 7024 Description = Error - 09.09.2011 14:07:00 | Computer Name = Ulrich-PC | Source = DCOM | ID = 10010 Description = Error - 09.09.2011 14:37:12 | Computer Name = Ulrich-PC | Source = atikmdag | ID = 43034 Description = Unknown EDID version Error - 09.09.2011 14:37:12 | Computer Name = Ulrich-PC | Source = atikmdag | ID = 43034 Description = Unknown EDID version Error - 09.09.2011 14:37:12 | Computer Name = Ulrich-PC | Source = atikmdag | ID = 43034 Description = Unknown EDID version Error - 09.09.2011 14:38:51 | Computer Name = Ulrich-PC | Source = Service Control Manager | ID = 7000 Description = Error - 09.09.2011 14:38:51 | Computer Name = Ulrich-PC | Source = Service Control Manager | ID = 7000 Description = Error - 09.09.2011 14:38:51 | Computer Name = Ulrich-PC | Source = Service Control Manager | ID = 7001 Description = Error - 09.09.2011 14:38:51 | Computer Name = Ulrich-PC | Source = Service Control Manager | ID = 7001 Description = Error - 09.09.2011 14:38:51 | Computer Name = Ulrich-PC | Source = Service Control Manager | ID = 7024 Description = < End of report > MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{9 |
|
09.09.2011, 21:18
| #2 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™   | pro shield 2.0 ProblemZitat:
 Zitat:
Du hast ein Log von Malwarebytes eingefügt. Ist das so unklar beschrieben, wie man hier Logs erstellt und postet? 
__________________ |
|
10.09.2011, 07:33
| #3 |
| | pro shield 2.0 Problem Moin Arne,
__________________sorry ich bin nicht so der PC Freak und meine Schwiegereltern haben sich diesen Trojaner eingefangen und ich versuch nun das Ding zu beseitigen. Ich war leider etwas unklar. Also ich hab folgendes getan bzgl. dem beschriebenen Trojaner. Hab ich an den Beitrag von Sonic23 vom 01.09.2011 gehalten. 1. rkill.com ausgeführt 2.Malwarebytes scan gemacht (Ergebnis gespeichert) 3.Neustart 4.otl.exe und das Ergebnis von Malwarebytes da reinkopiert und das Ergebnis daraus hab ich dann gepostet. Ich dachte das wäre so korrekt..?! Der Trojaner scheint jetzt auch verschwunden. ->Mann kann an der Oberfläche nichts mehr sehen und das Outlook funtkioniert wieder... Was muß ich nun noch erledigen? danke |
|
11.09.2011, 12:36
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | pro shield 2.0 ProblemZitat:
Lies bitte die Anleitung richtig! Gerade wenn du kein "Freak" bist kann das keine Ausrede sein, dass man nicht richtig liest. Mach auch unbedingt einen Vollscan mit Malwarebytes, vorher das Tool aktualisieren. Poste alle Logs falls du schon öfter Scans gemacht hast.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.09.2011, 17:13
| #5 |
| | pro shield 2.0 Problem Hi Arne, hab Malwarebytes aktualisiert und scannen lassen und dies ist nun das Ergebnis: Malwarebytes : Free anti-malware, anti-virus and spyware removal download Datenbank Version: 7695 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 11.09.2011 18:11:26 mbam-log-2011-09-11 (18-11-26).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 173257 Laufzeit: 9 Minute(n), 15 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Danke für Deine Hilfe!! |
|
11.09.2011, 17:47
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | pro shield 2.0 Problem Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________ --> pro shield 2.0 Problem |
|
| Themen zu pro shield 2.0 Problem |
| antivir, autorun, avira, bho, bonjour, branding, desktop, error, excel.exe, feedback, firefox, flash player, format, ftp, google, google earth, heuristics.reserved.word.exploit, home, infizierte dateien, install.exe, laufzeit, logfile, microsoft office 2003, microsoft office word, object, office 2007, pdfforge toolbar, problem, realtek, registry, rundll, scan, sched.exe, security, security update, server, shell32.dll, starten, version=1.0, vista, wiso |
Linear-Darstellung
