|
Log-Analyse und Auswertung: Dateien nicht mehr lesbar, alle haben Erstellt: Dienstag, 13. Februar 1601, 10:28:18Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
28.05.2012, 11:53 | #1 |
| Dateien nicht mehr lesbar, alle haben Erstellt: Dienstag, 13. Februar 1601, 10:28:18 Hallo bin nicht ganz sicher ob ich das richtige Unterforum erwischt habe. Mein Scanner hat 3 Trojaner gefunden und neutraliesiert. Alle .jpg und .pdf etc. Dateien lassen sich nicht mehr öffnen. Bildvorschauen sind nur noch ganz wenige sichtbar aber auch nicht zu öffnen. Struktur, Bildnamen und Datenmenge ist normal vorhanden. Offensichtlichstes Problem ist, bei allen Dateien welche sich nicht mehr öffnen lassen, steht das Datum Erstellt: Dienstag, 13. Februar 1601, 10:28:18 Besten Dank vorab für jegliche Hilfe! Hier noch die log-files welche ich nach Anleitung gezogen habe. t wOTL Logfile: Code:
ATTFilter OTL logfile created on: 28.05.2012 11:58:12 - Run 1 OTL by OldTimer - Version 3.2.43.2 Folder = C:\Users\Gast\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 55.71% Memory free 6.19 Gb Paging File | 4.71 Gb Available in Paging File | 76.08% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 117.54 Gb Total Space | 67.11 Gb Free Space | 57.10% Space Free | Partition Type: NTFS Drive D: | 698.64 Gb Total Space | 695.75 Gb Free Space | 99.59% Space Free | Partition Type: NTFS Drive E: | 113.88 Gb Total Space | 101.63 Gb Free Space | 89.24% Space Free | Partition Type: NTFS Computer Name: ASTRID-PC | User Name: astrid | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.05.28 11:57:41 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Gast\Downloads\OTL.exe PRC - [2012.05.28 11:53:02 | 000,050,477 | ---- | M] () -- C:\Users\Gast\Downloads\Defogger.exe PRC - [2012.04.21 03:16:21 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.01.25 15:43:22 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe PRC - [2008.01.22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe PRC - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Power Saver\TosCoSrv.exe PRC - [2007.12.29 10:06:02 | 000,430,080 | ---- | M] () -- C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe PRC - [2007.12.25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe PRC - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\SMARTLogService\TosIPCSrv.exe PRC - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe PRC - [2007.10.25 17:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe PRC - [2007.09.14 03:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE PRC - [2007.02.12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Programme\O2Micro Flash Memory Card Driver\o2flash.exe PRC - [2006.08.23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe ========== Modules (No Company Name) ========== MOD - [2012.05.28 11:53:02 | 000,050,477 | ---- | M] () -- C:\Users\Gast\Downloads\Defogger.exe MOD - [2012.05.25 18:15:29 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll MOD - [2012.05.14 18:58:37 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll MOD - [2012.05.14 18:58:24 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll MOD - [2012.05.12 10:51:03 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll MOD - [2012.05.12 10:50:18 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e4d54640bacd18e047a4573cb4611bd3\System.Windows.Forms.ni.dll MOD - [2012.05.12 10:50:01 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5d8696f15e49aedf883dd945806a7049\System.Drawing.ni.dll MOD - [2012.05.12 10:48:22 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll MOD - [2012.05.12 10:48:00 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll MOD - [2012.04.21 03:16:53 | 001,952,696 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll MOD - [2011.04.24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll MOD - [2011.04.24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll MOD - [2011.04.24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll MOD - [2011.04.24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll MOD - [2011.04.24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll MOD - [2011.04.24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll MOD - [2011.04.20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll MOD - [2009.04.30 13:37:08 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2951.26938__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2009.04.30 13:37:08 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2951.27176__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2009.04.30 13:37:08 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2951.26891__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2009.04.30 13:37:08 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2951.26953__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2009.04.30 13:37:08 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2951.27166__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2009.04.30 13:37:08 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2951.27121__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2009.04.30 13:37:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2951.26929__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2009.04.30 13:37:08 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2951.27066__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2009.04.30 13:37:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2951.26912__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2009.04.30 13:37:07 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2951.27206__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2009.04.30 13:37:01 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2951.27213__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2009.04.30 13:37:01 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2951.26905__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2009.04.30 13:37:00 | 000,794,624 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2951.27078__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2009.04.30 13:37:00 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2951.27154__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2009.04.30 13:37:00 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2951.27131__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2009.04.30 13:37:00 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2951.26961__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2009.04.30 13:37:00 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2951.27203__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2009.04.30 13:37:00 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2951.27098__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2009.04.30 13:37:00 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2951.27138__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2009.04.30 13:37:00 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2951.27077__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2009.04.30 13:37:00 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2951.27130__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2009.04.30 13:37:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2951.27202__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2009.04.30 13:36:59 | 000,901,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2951.27168__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2009.04.30 13:36:59 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2951.26967__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2009.04.30 13:36:59 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2951.27069__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2009.04.30 13:36:59 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2951.26914__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2009.04.30 13:36:59 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2951.27113__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2009.04.30 13:36:59 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2951.27059__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2009.04.30 13:36:59 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2951.26974__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2009.04.30 13:36:59 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2951.27067__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2009.04.30 13:36:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2951.26973__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2009.04.30 13:36:59 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2951.27076__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2009.04.30 13:36:59 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2951.27097__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2009.04.30 13:36:59 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2951.27111__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2009.04.30 13:36:58 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2009.04.30 13:36:58 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2886.28801__90ba9c70f846762e\LOG.Foundation.dll MOD - [2009.04.30 13:36:58 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2886.28803__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2009.04.30 13:36:58 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2886.28837__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2009.04.30 13:36:58 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2009.04.30 13:36:58 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2886.28812__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2009.04.30 13:36:58 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2886.28829__90ba9c70f846762e\MOM.Foundation.dll MOD - [2009.04.30 13:36:58 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2886.28836__90ba9c70f846762e\DEM.OS.dll MOD - [2009.04.30 13:36:58 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2009.04.30 13:36:58 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2886.28837__90ba9c70f846762e\DEM.Graphics.dll MOD - [2009.04.30 13:36:58 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2886.28862__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2009.04.30 13:36:58 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2886.28831__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2009.04.30 13:36:58 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2886.28863__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2009.04.30 13:36:58 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2009.04.30 13:36:57 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2886.28804__90ba9c70f846762e\CLI.Foundation.dll MOD - [2009.04.30 13:36:57 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2886.28823__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2009.04.30 13:36:57 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2009.04.30 13:36:57 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2009.04.30 13:36:57 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2886.28860__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2009.04.30 13:36:57 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2886.28885__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2009.04.30 13:36:57 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2886.28859__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2009.04.30 13:36:57 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2009.04.30 13:36:57 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2886.28817__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2009.04.30 13:36:57 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2886.28813__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2009.04.30 13:36:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2009.04.30 13:36:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2886.28819__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2009.04.30 13:36:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2009.04.30 13:36:57 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2886.28838__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2009.04.30 13:36:56 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2886.28850__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2886.28847__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2886.28849__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2886.28830__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2886.28844__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2886.28848__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2886.28832__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2886.28801__90ba9c70f846762e\AEM.Foundation.dll MOD - [2009.04.30 13:36:56 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2009.04.30 13:36:56 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2886.28839__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2009.04.30 13:36:56 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2886.28831__90ba9c70f846762e\APM.Foundation.dll MOD - [2009.04.30 13:36:56 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2886.28819__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2009.04.30 13:36:53 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2951.26898__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2009.04.30 13:36:53 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2951.26922__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2009.04.30 13:36:53 | 000,413,696 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2951.27183__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2009.04.30 13:36:53 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2951.27193__90ba9c70f846762e\MOM.Implementation.dll MOD - [2009.04.30 13:36:53 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2951.26881__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2009.04.30 13:36:53 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2951.27190__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2009.04.30 13:36:53 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2886.28834__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2009.04.30 13:36:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2886.28809__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2009.04.30 13:36:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2886.28825__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2009.04.30 13:36:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2951.27229__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2009.04.30 13:36:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2886.28814__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2009.04.30 13:36:53 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2886.28826__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2009.04.30 13:36:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2886.28834__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2009.04.30 13:36:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2886.28832__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2009.04.30 13:36:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2886.28851__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2009.04.30 13:36:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2886.28808__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2009.04.30 13:36:53 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2951.27244__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2009.04.30 13:36:53 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2951.26878__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2009.04.30 13:36:53 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2951.27183_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2009.04.30 13:36:52 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2951.26882__90ba9c70f846762e\ATIDEMOS.dll MOD - [2009.04.30 13:36:52 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2951.26880__90ba9c70f846762e\APM.Server.dll MOD - [2009.04.30 13:36:52 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2951.26879__90ba9c70f846762e\AEM.Server.dll MOD - [2009.04.30 13:36:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2951.27192__90ba9c70f846762e\CCC.Implementation.dll MOD - [2009.04.30 13:36:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.03.30 06:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2009.03.30 06:42:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.03.02 11:33:58 | 003,144,192 | ---- | M] () -- C:\Programme\PixiePack Codec Pack\ffdshow.ax MOD - [2008.01.30 16:30:22 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008.01.22 11:00:30 | 004,624,384 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe MOD - [2007.12.29 10:06:02 | 000,430,080 | ---- | M] () -- C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe MOD - [2007.12.12 12:46:04 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2012.05.25 18:15:29 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.30 09:33:15 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2011.07.20 05:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP) SRV - [2008.01.21 16:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv) SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.17 16:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2007.12.25 14:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service) SRV - [2007.12.03 17:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service) SRV - [2007.11.21 18:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) SRV - [2007.02.12 17:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Programme\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash) SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) SRV - [2006.08.23 17:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2005.11.17 15:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- -- (Tosrfcom) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\igdkmd32.sys -- (igfx) DRV - [2012.05.18 23:24:55 | 000,570,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2011.03.10 18:36:18 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2011.03.04 13:23:20 | 000,011,352 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kl2.sys -- (kl2) DRV - [2011.03.04 13:23:14 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1) DRV - [2009.11.02 20:27:16 | 000,019,984 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2009.03.19 14:48:18 | 000,136,704 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2009.03.19 14:48:12 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc) DRV - [2009.02.09 08:37:56 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2009.02.09 08:37:48 | 000,007,808 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2009.02.09 08:37:46 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2009.02.09 08:37:46 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2008.02.01 12:46:08 | 000,187,904 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService) DRV - [2008.01.30 17:24:00 | 003,483,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.01.21 15:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\tos_sps32.sys -- (tos_sps32) DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2008.01.15 11:34:58 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR) DRV - [2007.12.17 11:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR) DRV - [2007.11.09 14:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TVALZ_O.SYS -- (TVALZ) DRV - [2007.10.17 23:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio) DRV - [2007.09.26 06:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R) DRV - [2007.04.09 17:13:00 | 000,008,192 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem) DRV - [2006.11.02 09:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2006.10.23 17:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2006.10.18 12:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de IE - HKLM\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {15317E29-64C1-4A74-86E2-BA2BFA6980E3} IE - HKLM\..\SearchScopes\{15317E29-64C1-4A74-86E2-BA2BFA6980E3}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7; IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2736476 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {15317E29-64C1-4A74-86E2-BA2BFA6980E3} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IEFM1&src=IE-SearchBox IE - HKCU\..\SearchScopes\{15317E29-64C1-4A74-86E2-BA2BFA6980E3}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7TSEA_de IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..CT2736476.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.defaultenginename: "Live Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=" FF - prefs.js..browser.search.selectedEngine: "Freeware.de Customized Web Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.ch/" FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFSB10&ctid=CT2736476&SearchSource=2&q=" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\astrid\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( ) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.05.18 23:46:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.05.18 23:46:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.05.18 23:46:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.28 10:03:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.25 10:48:18 | 000,000,000 | ---D | M] [2011.01.28 22:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\astrid\AppData\Roaming\mozilla\Extensions [2011.01.28 22:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\astrid\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2009.05.02 19:31:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\astrid\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2012.05.22 21:47:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\astrid\AppData\Roaming\mozilla\Firefox\Profiles\zycqk4go.default\extensions [2010.04.28 08:50:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\astrid\AppData\Roaming\mozilla\Firefox\Profiles\zycqk4go.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012.05.22 21:47:36 | 000,000,000 | ---D | M] (Freeware.de) -- C:\Users\astrid\AppData\Roaming\mozilla\Firefox\Profiles\zycqk4go.default\extensions\{7e111a5c-3d11-4f56-9463-5310c3c69025} [2012.05.22 21:47:49 | 000,000,947 | ---- | M] () -- C:\Users\astrid\AppData\Roaming\Mozilla\Firefox\Profiles\zycqk4go.default\searchplugins\conduit.xml [2009.05.03 16:25:12 | 000,001,632 | ---- | M] () -- C:\Users\astrid\AppData\Roaming\Mozilla\Firefox\Profiles\zycqk4go.default\searchplugins\live-search.xml [2012.05.28 10:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2011.10.11 16:12:17 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.08.30 15:17:14 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O2 - BHO: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (Freeware.de Toolbar) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - C:\Programme\Freeware.de\prxtbFree.dll (Conduit Ltd.) O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony) O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.) O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4 - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO) O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO) O13 - gopher Prefix: missing O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2B5A60C7-69E5-43F4-9F92-CAB08519DFA0}: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF55422C-4CBA-4927-B600-164514816AD7}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO) O24 - Desktop WallPaper: C:\Users\astrid\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\astrid\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010.03.09 10:32:08 | 000,000,101 | -H-- | M] () - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{5f304658-2ae4-11e0-a0ca-001e68ca9b1f}\Shell\AutoRun\command - "" = D:\InstallTomTomHOME.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.05.22 21:46:43 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2012.05.22 21:46:39 | 000,000,000 | ---D | C] -- C:\Users\astrid\AppData\Local\Conduit [2012.05.22 21:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\Freeware.de [2012.05.18 23:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2012 [2012.05.18 23:26:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2012.05.18 23:26:40 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab [2012.05.18 23:24:55 | 000,570,160 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2012.05.18 12:02:40 | 000,000,000 | ---D | C] -- C:\Users\astrid\AppData\Roaming\Malwarebytes [2012.05.18 12:02:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.05.18 11:40:25 | 000,000,000 | ---D | C] -- C:\Users\astrid\AppData\Roaming\TuneUp Software [2012.05.18 11:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012.05.18 11:38:57 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.05.18 11:38:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012.04.30 09:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.04.30 09:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.05.28 12:07:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.28 11:53:45 | 000,000,000 | ---- | M] () -- C:\Users\astrid\defogger_reenable [2012.05.28 10:34:43 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.05.28 10:34:43 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.05.28 10:34:43 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.05.28 10:34:43 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.05.28 10:15:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.05.28 10:15:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.05.28 10:15:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.05.28 10:01:40 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.05.18 23:28:34 | 000,115,369 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat [2012.05.18 23:28:34 | 000,097,961 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat [2012.05.18 23:24:55 | 000,570,160 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2012.05.18 12:04:22 | 000,000,680 | ---- | M] () -- C:\Users\astrid\AppData\Local\d3d9caps.dat [2012.05.18 11:06:08 | 000,007,168 | ---- | M] () -- C:\Users\astrid\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.05.18 11:04:05 | 000,000,463 | ---- | M] () -- C:\Users\astrid\Desktop\fotos.lnk [2012.05.12 10:46:14 | 000,350,096 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.05.28 11:53:45 | 000,000,000 | ---- | C] () -- C:\Users\astrid\defogger_reenable [2012.05.25 18:15:31 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.05.18 23:28:34 | 000,115,369 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat [2012.05.18 23:28:34 | 000,097,961 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat [2012.05.18 11:02:51 | 000,000,463 | ---- | C] () -- C:\Users\astrid\Desktop\fotos.lnk [2011.03.11 12:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat [2010.10.18 12:17:43 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2 [2010.08.20 07:13:52 | 000,017,408 | ---- | C] () -- C:\Users\astrid\AppData\Local\WebpageIcons.db ========== LOP Check ========== [2009.05.01 18:47:20 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\DesktopSMS [2009.05.02 14:17:23 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\EPSON [2010.02.07 11:56:37 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\Facebook [2009.05.02 20:19:50 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\LimeWire [2009.05.03 13:54:26 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\Lingo4u [2009.05.01 17:47:46 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\Nokia [2011.07.17 18:00:46 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\OpenCandy [2009.05.02 14:15:28 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\OpenOffice.org [2009.05.01 17:25:11 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\PC Suite [2009.05.02 15:31:36 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\RapidSolution [2011.01.28 22:20:45 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\TomTom [2009.05.03 14:19:13 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\Toshiba [2012.05.18 11:40:25 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\TuneUp Software [2009.05.01 18:39:55 | 000,000,000 | ---D | M] -- C:\Users\astrid\AppData\Roaming\WinPatrol [2012.05.28 10:14:23 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 28.05.2012 11:58:12 - Run 1 OTL by OldTimer - Version 3.2.43.2 Folder = C:\Users\Gast\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 55.71% Memory free 6.19 Gb Paging File | 4.71 Gb Available in Paging File | 76.08% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 117.54 Gb Total Space | 67.11 Gb Free Space | 57.10% Space Free | Partition Type: NTFS Drive D: | 698.64 Gb Total Space | 695.75 Gb Free Space | 99.59% Space Free | Partition Type: NTFS Drive E: | 113.88 Gb Total Space | 101.63 Gb Free Space | 89.24% Space Free | Partition Type: NTFS Computer Name: ASTRID-PC | User Name: astrid | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{092CAAEB-8E94-4DE4-ABDA-C0CE0D08E7FD}" = rport=137 | protocol=17 | dir=out | app=system | "{67B2C3FC-D907-461A-BB72-F7EBE8ED9262}" = lport=445 | protocol=6 | dir=in | app=system | "{7467E238-8F01-4E2A-A3C4-50291A39BD10}" = rport=139 | protocol=6 | dir=out | app=system | "{81F8A1A7-45CD-4CA7-B52A-CA866FAD9FCF}" = lport=137 | protocol=17 | dir=in | app=system | "{8B4C20F0-6496-4433-97A4-57556A0871CC}" = rport=138 | protocol=17 | dir=out | app=system | "{9CDD4ED8-258E-4268-8EEF-D418019C211C}" = rport=445 | protocol=6 | dir=out | app=system | "{DB47B16A-0354-45B3-BF42-890833FEBBBF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F4EFA997-3934-4827-8C53-AD7C8F16D9B3}" = lport=138 | protocol=17 | dir=in | app=system | "{F8E5C1E0-CEE8-48A0-994B-1F817922BC24}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F9E5A8DF-D3AF-45E7-8433-2857590F0DEB}" = lport=139 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{12276D87-EB2D-422B-941C-CD5B38358CB8}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{4DE780FF-4D85-4D05-BC13-DE15A6A21E63}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5454209F-AC6C-4037-B209-646565B9B833}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{580C17DA-89A6-4FDB-B90A-99E6536C7135}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{8E98EDD9-1E54-49B6-A307-BCCB63D45588}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D1CE7B80-C3A8-4627-AF8D-4D40666ABA0A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{EE58C0A3-7DF2-4947-96F0-D4D0370EE887}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "TCP Query User{28EC6217-6D93-4C50-87CD-03DD0603EBA4}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{BB41056D-52A2-4D0B-BFB9-B539AED7572B}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | "TCP Query User{C39FF60D-9BD4-4E67-910D-82017FBE894E}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | "TCP Query User{C5F5E547-32AF-471F-BD53-435214C0B51E}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | "UDP Query User{04AF14A6-B30D-49A6-97BD-E14C3FBB27D8}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | "UDP Query User{77A1738C-474F-4613-9B25-B1AEDE579ADE}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{A16931F4-6393-4343-912A-53651FAF2FE9}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | "UDP Query User{AA1A255E-8A7D-4E52-87E1-4CCC33E5D32F}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{024558D8-272F-C7C8-4F6D-6FE689B5DC52}" = Catalyst Control Center Localization Japanese "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series" = Canon iP2600 series "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{1A5A851C-B8B4-CD8E-920B-EE21B9E4FE31}" = Catalyst Control Center Graphics Full Existing "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22 "{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant "{2D7D6A0E-A6A7-1080-980C-67FB8E20D93D}" = ccc-utility "{2F2C3691-E3CB-6066-514D-729BB881216D}" = CCC Help Dutch "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{372B31CF-77FB-4E29-860C-A0EA2985AB7F}" = O2Micro Flash Memory Card Reader Driver (x86) "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E1E4AB9-C017-746E-92E6-B30A0429E986}" = CCC Help Korean "{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite "{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager "{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A130340-74D9-27C0-0F3D-3F9A69CF938C}" = CCC Help French "{4A944E94-F6E9-9D38-5C5B-B1E5597EB742}" = CCC Help Spanish "{502DBACB-D72F-276E-9B51-1CC980633BDC}" = CCC Help German "{50831C51-70E7-CF72-3B5E-53413B1598E9}" = Catalyst Control Center Localization Dutch "{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup "{52D02A2B-03D2-4E34-A358-DC5D951FD296}" = Nokia Connectivity Cable Driver "{56995235-B76E-44A6-BA17-8FF13D3F907A}" = TOSHIBA Benutzerhandbücher "{56A29640-7334-2E21-8169-5F23EEEE4958}" = CCC Help Chinese Standard "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{60D7B2C5-5824-753E-D091-382D312C5590}" = Catalyst Control Center Localization French "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{6275D380-371D-6D6E-32AF-97009138EBE3}" = Skins "{67905A54-F074-6F13-3C61-DA40552079BB}" = Catalyst Control Center Graphics Light "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER "{6E4F5172-7A60-E18C-D1F2-C8D783197A7C}" = Catalyst Control Center Localization German "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder "{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7FADEAAE-1AAD-2635-809E-C92477AF1794}" = Catalyst Control Center Localization Italian "{88771941-E487-0F1C-7242-554D82BC8740}" = CCC Help Japanese "{89DCBAD2-592B-A42C-18D7-78601056FBD9}" = Catalyst Control Center Localization Chinese Standard "{8D90017E-FFE1-3077-9113-F4002ED7EB13}" = Catalyst Control Center Localization Swedish "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C450606-ED24-4958-92BA-B8940C99D441}" = PixiePack Codec Pack "{9DDABBD9-B4D1-F927-8970-03E7CF4605F1}" = Catalyst Control Center Localization Korean "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A07EC392-26B6-E1AE-AFE8-A73F7BFC1C4C}" = CCC Help Chinese Traditional "{A12F36B5-E11F-0128-7D8F-DEC927105BE2}" = CCC Help Swedish "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.4 - Deutsch "{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8 "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{B158BAE0-C912-3697-256D-A9FCEDFAA536}" = Catalyst Control Center Localization Portuguese "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B5897EDD-E78B-067B-DB8F-D85E60B71967}" = Catalyst Control Center Localization Spanish "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{C42601B6-CBA8-7879-D310-7B2E97215D82}" = CCC Help Italian "{C6DCC59B-48D8-5092-2F69-8C423BFAB27F}" = Catalyst Control Center Graphics Previews Vista "{C7128EEC-088D-051A-E8F9-DD4E6F2C3F3E}" = CCC Help Portuguese "{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver "{C970757C-FD82-ED94-66C4-AF7C0266699E}" = ATI Catalyst Install Manager "{CB22A47C-EFEA-2400-DB68-8F9B1D24BF43}" = Catalyst Control Center Graphics Full New "{CBDF64B0-8CAB-45C7-B3B2-4637C9F88769}" = HDMI Control Manager "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE8B9F6B-7D9E-3C56-7B27-1E484CD41D78}" = ccc-core-static "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D00EAB9D-C698-D4F6-214F-6FFC496B7F71}" = Catalyst Control Center Core Implementation "{D305D4F8-0820-5DFA-F175-E7D06ED60364}" = CCC Help English "{D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941}" = Catalyst Control Center - Branding "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F983B4FE-547B-4C44-BAF7-4F4DBA93D548}" = Nokia Software Updater "{FEBF75B0-9D67-6178-8737-92A81B3FEA47}" = Catalyst Control Center Localization Chinese Traditional "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "CameraWindowDC" = Canon Utilities CameraWindow DC "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX "CameraWindowLauncher" = Canon Utilities CameraWindow "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Canon iP2600 series Benutzerregistrierung" = Canon iP2600 series Benutzerregistrierung "Canon MOV Decoder" = Canon MOV Decoder "Canon MOV Encoder" = Canon MOV Encoder "CanonMyPrinter" = Canon My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "CNXT_AUDIO_HDA" = Conexant HD Audio "CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5051&SUBSYS_1179" = HDAUDIO Soft Data Fax Modem with SmartCP "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) "Freeware.de Toolbar" = Freeware.de Toolbar "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{491DD193-1B57-4D1C-8B14-18B96992A89F}" = TOSHIBA Supervisor Password "InstallShield_{52573F8D-F099-4CB5-9EDE-5C27ECB4A02B}" = TOSHIBA Hardware Setup "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder "InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition "InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}" = Kaspersky Internet Security 2012 "MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D) "MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D) "MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D) "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX "Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MyCamera" = Canon Utilities MyCamera "MyCameraDC" = Canon Utilities MyCamera DC "PhotoStitch" = Canon Utilities PhotoStitch "Picasa 3" = Picasa 3 "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX "SynTPDeinstKey" = Synaptics Pointing Device Driver "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Facebook Plug-In" = Facebook Plug-In ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 31.01.2012 03:50:17 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:17 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:18 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:18 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:18 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:18 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:18 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:18 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:18 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = Error - 31.01.2012 03:50:18 | Computer Name = astrid-PC | Source = Windows Search Service | ID = 3013 Description = [ System Events ] Error - 26.05.2012 02:35:31 | Computer Name = astrid-PC | Source = DCOM | ID = 10010 Description = Error - 27.05.2012 06:06:26 | Computer Name = astrid-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.05.2012 06:06:26 | Computer Name = astrid-PC | Source = Service Control Manager | ID = 7000 Description = Error - 28.05.2012 04:02:04 | Computer Name = astrid-PC | Source = DCOM | ID = 10010 Description = Error - 28.05.2012 04:02:55 | Computer Name = astrid-PC | Source = Service Control Manager | ID = 7043 Description = Error - 28.05.2012 04:05:43 | Computer Name = astrid-PC | Source = Service Control Manager | ID = 7000 Description = Error - 28.05.2012 04:05:43 | Computer Name = astrid-PC | Source = Service Control Manager | ID = 7000 Description = Error - 28.05.2012 04:14:19 | Computer Name = astrid-PC | Source = DCOM | ID = 10010 Description = Error - 28.05.2012 04:16:54 | Computer Name = astrid-PC | Source = Service Control Manager | ID = 7000 Description = Error - 28.05.2012 04:16:54 | Computer Name = astrid-PC | Source = Service Control Manager | ID = 7000 Description = < End of report > |
30.05.2012, 13:16 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Dateien nicht mehr lesbar, alle haben Erstellt: Dienstag, 13. Februar 1601, 10:28:18Zitat:
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
Themen zu Dateien nicht mehr lesbar, alle haben Erstellt: Dienstag, 13. Februar 1601, 10:28:18 |
adobe, autorun, benutzerregistrierung, bho, branding, canon, conduit, defender, desktop, error, firefox, flash player, format, home, install.exe, kaspersky, logfile, microsoft office word, mozilla, office 2007, plug-in, problem, registry, rojaner gefunden, rundll, scan, searchscopes, security, senden, software, tastatur, trojaner, trojaner gefunden, udp, vista |