Log analysis and evaluation: Caught Antimalware Doctor
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
10.06.2010, 23:15 | #1 |
Caught Antimalware Doctor

Hi, I hope you can help me! I have caught this stupid trojan. I then started rkill following your instructions and afterwards ran "Malwarebytes Antimalware". But unfortunately the trojan is still started after a reboot. Here are the results:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4187

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

10.06.2010 23:50:47
mbam-log-2010-06-10 (23-50-47).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 127515
Laufzeit: 10 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> No action taken.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> No action taken.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\setupupdater0000.exe (Malware.Packer.Gen) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\desktop sms (Worm.P2P) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\corinna\AppData\Roaming\882179CC778848AB3F74A1A9A88B27C0\setupupdater0000.exe (Malware.Packer.Gen) -> No action taken.
C:\Users\corinna\Desktop\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> No action taken.
C:\Users\corinna\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> No action taken.
C:\Users\corinna\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> No action taken.
C:\Users\corinna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> No action taken.

RSIT Logfile:
Code:
Logfile of random's system information tool 1.07 (written by random/random)
Run by corinna at 2010-06-10 23:56:26
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 21 GB (22%) free of 95 GB
Total RAM: 2046 MB (47% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{FC616336-C8AD-4B3B-B910-F7018157DFCA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-04-16 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Anmelde-Hilfsprogramm - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-31 278128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-31 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-31 278128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe []
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe []
"Persistence"=C:\Windows\system32\igfxpers.exe []
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"topi"=C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-04-02 577536]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-06-13 4489216]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-05-23 509496]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"HWSetup"=\HWSetup.exe hwSetUP []
"NDSTray.exe"=NDSTray.exe []
"Desktop SMS"=C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-04-10 413696]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-06-08 894512]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"EPSON Stylus Photo R240 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE [2005-04-25 98304]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-04-24 142120]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2006-11-13 413696]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-29 39408]
"setupupdater0000.exe"=C:\Users\corinna\AppData\Roaming\882179CC778848AB3F74A1A9A88B27C0\setupupdater0000.exe [2010-06-10 1043968]

C:\Users\corinna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Antimalware Doctor.lnk - C:\Users\corinna\AppData\Roaming\882179CC778848AB3F74A1A9A88B27C0\setupupdater0000.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2009-10-20 219664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-06-10 23:11:20 ----D---- C:\Program Files\trend micro
2010-06-10 23:11:19 ----D---- C:\rsit
2010-06-10 23:02:45 ----D---- C:\Program Files\CCleaner
2010-06-10 22:17:02 ----D---- C:\Users\corinna\AppData\Roaming\Malwarebytes
2010-06-10 22:16:22 ----D---- C:\ProgramData\Malwarebytes
2010-06-10 22:16:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-10 12:30:19 ----D---- C:\Program Files\$NtUninstallWTF1012$
2010-06-10 12:30:05 ----D---- C:\Users\corinna\AppData\Roaming\882179CC778848AB3F74A1A9A88B27C0
2010-05-30 12:59:53 ----D---- C:\ProgramData\Kaspersky Lab
2010-05-30 12:59:53 ----D---- C:\Program Files\Kaspersky Lab
2010-05-26 20:07:09 ----A---- C:\Windows\system32\tzres.dll
2010-05-12 08:15:22 ----A---- C:\Windows\system32\inetcomm.dll

======List of files/folders modified in the last 1 months======

2010-06-10 23:56:26 ----D---- C:\Windows\Temp
2010-06-10 23:52:08 ----D---- C:\Windows
2010-06-10 23:37:04 ----D---- C:\Windows\Prefetch
2010-06-10 23:35:08 ----SHD---- C:\Windows\Installer
2010-06-10 23:35:03 ----RD---- C:\Program Files
2010-06-10 23:34:29 ----SHD---- C:\System Volume Information
2010-06-10 23:25:56 ----D---- C:\Temp
2010-06-10 23:06:26 ----D---- C:\Users\corinna\AppData\Roaming\Media Player Classic
2010-06-10 23:06:16 ----D---- C:\Windows\Minidump
2010-06-10 23:06:16 ----D---- C:\Windows\Debug
2010-06-10 22:16:24 ----D---- C:\Windows\system32\drivers
2010-06-10 22:16:22 ----HD---- C:\ProgramData
2010-06-05 08:09:06 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-04 22:18:06 ----D---- C:\Program Files\Metin2_Germany
2010-06-04 08:38:09 ----D---- C:\Program Files\DivX
2010-06-04 08:38:09 ----D---- C:\Program Files\Common Files\DivX Shared
2010-06-04 08:38:08 ----D---- C:\ProgramData\DivX
2010-05-30 17:59:20 ----D---- C:\Program Files\Google
2010-05-30 13:18:58 ----D---- C:\Windows\system32\WDI
2010-05-30 13:01:11 ----D---- C:\Windows\system32\catroot
2010-05-30 13:00:56 ----D---- C:\Windows\inf
2010-05-30 13:00:28 ----D---- C:\Windows\System32
2010-05-30 12:57:14 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2010-05-30 11:26:12 ----D---- C:\Windows\system32\catroot2
2010-05-30 09:50:19 ----SD---- C:\Windows\Downloaded Program Files
2010-05-27 08:26:14 ----D---- C:\Windows\rescache
2010-05-26 20:34:39 ----D---- C:\Windows\winsxs
2010-05-26 20:34:39 ----D---- C:\Windows\system32\de-DE
2010-05-26 20:33:48 ----D---- C:\Program Files\Internet Explorer
2010-05-25 18:52:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-05-18 13:58:02 ----D---- C:\Windows\system32\NDF
2010-05-16 14:39:39 ----D---- C:\Users\corinna\AppData\Roaming\teamspeak2
2010-05-16 14:38:03 ----D---- C:\Users\corinna\AppData\Roaming\Skype
2010-05-16 12:20:50 ----D---- C:\Users\corinna\AppData\Roaming\skypePM
2010-05-12 11:21:16 ----N---- C:\Windows\system32\MpSigStub.exe
2010-05-12 09:15:12 ----D---- C:\Windows\system32\LogFiles
2010-05-12 08:19:04 ----D---- C:\Program Files\Windows Mail
2010-05-12 08:18:42 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2009-09-01 128016]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2010-05-30 311312]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2009-11-03 21520]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-06-21 2600960]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-12 1787816]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-10-02 19472]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-26 2216448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-06-08 187448]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S3 athr;Atheros Extensible Drahtlos-LAN-Gerätetreiber; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 tbhsd;Tunebite High-Speed Dubbing; C:\Windows\system32\drivers\tbhsd.sys [2010-03-30 37920]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-16 41472]
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-06-21 606208]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-04-24 545576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-20 136176]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 aspnet_state;ASP.NET-Zustandsdienst; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-29 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

info.txt
RSIT Logfile:
Code:
logfile of random's system information tool 1.06 2010-06-10 23:11:27

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x7
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x7
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0.9 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A70900000002}
Apple Application Support-->MsiExec.exe /I{553255F3-78FD-40F1-A6F8-6882140265FE}
Apple Mobile Device Support-->MsiExec.exe /I{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
Audials TV-->MsiExec.exe /I{24EE4523-711A-4BD1-95EA-F73A8A6950D3}
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /X{8A253629-0511-4854-8B4E-46E57E66005C}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0007
Catalyst Control Center - Branding-->MsiExec.exe /I{22543949-70E8-45D0-A938-F38143EB8BF8}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CD/DVD Drive Acoustic Silencer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe" -l0x7
Cool Edit Pro 2.1-->C:\Program Files\coolpro2\cep2unin.exe
Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0-->"C:\Program Files\Codemasters\Der Herr der Ringe Online\unins000.exe"
Desktop SMS-->MsiExec.exe /I{5980B928-1C95-4B3E-957B-B02D8147FF9E}
DivX Converter-->C:\ProgramData\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe /CONVERTER
DivX Plus DirectShow Filters-->C:\ProgramData\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe /DSFILTERS
DivX-Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x7
Emdedded IR Driver-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{A6D4234C-CB02-4048-AC3E-AD09404FA35A}
EPSON-Drucker-Software-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)-->C:\Program Files\MAGIX\Common\Database\uninstall.exe
Free Studio version 4.3-->"C:\Program Files\DVDVideoSoft\Free Studio\unins000.exe"
Free YouTube to MP3 Converter version 3.2-->"C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\5.0.375.70\Installer\setup.exe" --uninstall --system-level
Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}
Google Talk (remove only)-->"C:\Program Files\Google\Google Talk\uninstall.exe"
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_A22A7357696681C5.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Intel Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
iTunes-->MsiExec.exe /I{4FB120F8-622C-4260-AB49-0F43A59CCF2A}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
Kaspersky Internet Security 2010-->MsiExec.exe /I{9D8B0949-7C47-476F-9F06-F900D3B078EA}
K-Lite Mega Codec Pack 5.7.0-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LogMeIn Hamachi-->C:\Windows\system32\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125}
MAGIX Digital Foto Maker SE 4.1.0.835 (D)-->C:\Program Files\MAGIX\DigitalFotoMaker2007_SE\instslct.exe
MAGIX Foto Suite 1.12.0.89 (D)-->C:\Program Files\MAGIX\Foto_Suite\instslct.exe
MAGIX Online Druck Service 2.3.2.0 (D)-->C:\Program Files\MAGIX\Online_Druck_Service\instslct.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
maxdome - Online Videothek Version 3.1.0-->"C:\Program Files\maxdome\maxdome - Online Videothek\unins000.exe"
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack SP1 - deu-->MsiExec.exe /I{052FDD78-A6EA-3187-8386-C82F4CA3A929}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.6.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
nightclub.de - Ihre Online Videothek Version 3.1.0-->"C:\Program Files\nightclub.de\unins000.exe"
Performance Platform Voguecash-->C:\Windows\system32\tkkxukizpc.exe
PixiePack Codec Pack-->MsiExec.exe /I{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0007 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Sky-Banners browser enhancer-->"C:\Program Files\$NtUninstallWTF1012$\elUninstall.exe"
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0407
TOSHIBA Assist-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe" -l0x7
TOSHIBA ConfigFree-->C:\Program Files\InstallShield Installation Information\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}\setup.exe -runfromtemp -l0x0007 uninstall -removeonly
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0407
TOSHIBA Flash Cards Support Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{620BBA5E-F848-4D56-8BDA-584E44584C5E}
TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1031
Toshiba Online Product Information-->C:\Program Files\InstallShield Installation Information\{2290A680-4083-410A-ADCC-7092C67FC052}\setup.exe -runfromtemp -l0x0007 -removeonly
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Supervisorkennwort-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1031
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0407
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
WinAce Archiver-->C:\Program Files\WinAce\SXUNINST.EXE C:\Program Files\WinAce\SXUNINST.INI
Windows Live Anmelde-Assistent-->MsiExec.exe /I{52B97218-98CB-4B8B-9283-D213C85E1AA4}
Windows Live Call-->MsiExec.exe /I{5FC68772-6D56-41C6-9DF1-24E868198AE6}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}
Windows Live Messenger-->MsiExec.exe /X{41E654A9-26D0-4EAC-854B-0FA824FFFABB}
Windows Live-Uploadtool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Media Encoder 9-Reihe-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9-Reihe-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo!
Software Update-->C:\PROGRA~1\Yahoo!\SOFTWA~1\UNINST~1.EXE ======Security center information====== AV: AntiVir Desktop (disabled) AS: AntiVir Desktop (disabled) AS: Windows-Defender ======System event log====== Computer Name: Corinna Event Code: 4386 Message: Windows-Wartung erforderte einen Neustart, um das Update bthmtpenum.inf aus Paket KB971514_de-DE(Language Pack) in den Status Installation angefordert(Install Requested) setzen zu können. Record Number: 356829 Source Name: Microsoft-Windows-Servicing Time Written: 20100116074952.000000-000 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: Corinna Event Code: 4386 Message: Windows-Wartung erforderte einen Neustart, um das Update wpdmtphw.inf aus Paket KB971514_de-DE(Language Pack) in den Status Installation angefordert(Install Requested) setzen zu können. Record Number: 356828 Source Name: Microsoft-Windows-Servicing Time Written: 20100116074952.000000-000 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: Corinna Event Code: 4386 Message: Windows-Wartung erforderte einen Neustart, um das Update wpdmtp.inf aus Paket KB971514_de-DE(Language Pack) in den Status Installation angefordert(Install Requested) setzen zu können. Record Number: 356827 Source Name: Microsoft-Windows-Servicing Time Written: 20100116074952.000000-000 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: Corinna Event Code: 4386 Message: Windows-Wartung erforderte einen Neustart, um das Update wpdfs.inf aus Paket KB971514_de-DE(Language Pack) in den Status Installation angefordert(Install Requested) setzen zu können. 
Record Number: 356826 Source Name: Microsoft-Windows-Servicing Time Written: 20100116074952.000000-000 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: Corinna Event Code: 4386 Message: Windows-Wartung erforderte einen Neustart, um das Update WPD7IP-Platform aus Paket KB971514_de-DE(Language Pack) in den Status Installation angefordert(Install Requested) setzen zu können. Record Number: 356825 Source Name: Microsoft-Windows-Servicing Time Written: 20100116074952.000000-000 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM =====Application event log===== Computer Name: LH-XLG62I3UWWR9 Event Code: 36 Message: Record Number: 2136 Source Name: ccSvcHst Time Written: 20070712095450.000000-000 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: LH-XLG62I3UWWR9 Event Code: 36 Message: Record Number: 2135 Source Name: ccSvcHst Time Written: 20070712095450.000000-000 Event Type: Informationen User: NT-AUTORITÄT\SYSTEM Computer Name: LH-XLG62I3UWWR9 Event Code: 5007 Message: Die Zieldatei für die Windows-Feedbackplattform (eine DLL-Datei, die eine Liste der auf diesem Computer aufgetretenen Probleme enthält, für deren Diagnose das Sammeln zusätzlicher Daten erforderlich ist) konnte nicht analysiert werden. Fehlercode 8014FFF9. Record Number: 2134 Source Name: WerSvc Time Written: 20070712095450.000000-000 Event Type: Fehler User: Computer Name: LH-XLG62I3UWWR9 Event Code: 1013 Message: Der Windows-Suchdienst wurde normal beendet. Record Number: 2133 Source Name: Microsoft-Windows-Search Time Written: 20070712095323.000000-000 Event Type: Informationen User: Computer Name: LH-XLG62I3UWWR9 Event Code: 1 Message: Der Windows-Sicherheitscenterdienst wurde gestartet. 
Record Number: 2132 Source Name: SecurityCenter Time Written: 20070712095315.000000-000 Event Type: Informationen User: =====Security event log===== Computer Name: LH-XLG62I3UWWR9 Event Code: 4647 Message: Benutzerinitiierte Abmeldung: Antragsteller: Sicherheits-ID: S-1-5-21-3384321093-2115416035-1516603368-500 Kontoname: Administrator Kontodomäne: LH-XLG62I3UWWR9 Anmelde-ID: 0x30dd4 Dieses Ereignis wird generiert, wenn eine Abmeldung initiiert wird, aber die Anzahl der Tokenreferenzen nicht Null ist und die Anmeldesitzung nicht zerstört werden kann. Es kann keiner Benutzerinitiierte Aktion erfolgen. Dieses Ereignis kann als Abmeldeereignis interpretiert werden. Record Number: 2358 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20070712095452.393200-000 Event Type: Überwachung erfolgreich User: Computer Name: LH-XLG62I3UWWR9 Event Code: 4634 Message: Ein Konto wurde abgemeldet. Antragsteller: Sicherheits-ID: S-1-5-7 Kontoname: ANONYMOUS-ANMELDUNG Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x22c68 Anmeldetyp: 3 Dieses Ereignis wird generiert, wenn eine Anmeldesitzung zerstört wird. Es kann anhand des Wertes der Anmelde-ID positiv mit einem Anmeldeereignis korreliert werden. Anmelde-IDs sind nur zwischen Neustarts auf demselben Computer eindeutig. Record Number: 2357 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20070712095450.835000-000 Event Type: Überwachung erfolgreich User: Computer Name: LH-XLG62I3UWWR9 Event Code: 4616 Message: Die Systemzeit wurde geändert. Antragsteller: Sicherheits-ID: S-1-5-19 Kontoname: LOKALER DIENST Kontodomäne: NT-AUTORITÄT Anmelde-ID: 0x3e5 Prozessinformationen: Prozess-ID: 0x468 Name: C:\Windows\System32\svchost.exe Vorherige Zeit: 11:54:50 12.07.2007 Neue Zeit: 11:54:50 12.07.2007 Dieses Ereignis wird generiert, wenn die Systemzeit geändert wird. Es ist normal, dass der mit Systemberechtigung ausgeführte Windows-Zeitdienst die Systemzeit regelmäßig ändert. 
Andere Änderungen der Systemzeit können darauf hinweisen, dass der Computer manipuliert wird. Record Number: 2356 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20070712095450.575000-000 Event Type: Überwachung erfolgreich User:
Computer Name: LH-XLG62I3UWWR9 Event Code: 1100 Message: Der Ereignisprotokollierungsdienst wurde heruntergefahren. Record Number: 2355 Source Name: Microsoft-Windows-Eventlog Time Written: 20070712095450.804000-000 Event Type: Überwachung erfolgreich User:
Computer Name: LH-XLG62I3UWWR9 Event Code: 1102 Message: Das Überwachungsprotokoll wurde gelöscht. Subjekt: Sicherheits- ID: S-1-5-21-3384321093-2115416035-1516603368-500 Kontoname: Administrator Domänenname: LH-XLG62I3UWWR9 Logon-ID: 0x30dd4 Record Number: 2354 Source Name: Microsoft-Windows-Eventlog Time Written: 20070712095315.177099-000 Event Type: Überwachung erfolgreich User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\DivX Shared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"asl.log"=Destination=file;OnFirstLog=command,environment
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
-----------------EOF-----------------
I hope you can help me, since I have no idea at all about such things! Thanks in advance! |
11.06.2010, 10:26 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Caught Antimalware Doctor
Hello and
please run a full scan with Malwarebytes and post the log. Then OTL:
System scan with OTL
Please download OTL from Oldtimer and save it to your desktop |
15.06.2010, 13:42 | #3 |
| Caught Antimalware Doctor
Here is the complete scan log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4187
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
15.06.2010 12:40:36
mbam-log-2010-06-15 (12-40-36).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 243114
Laufzeit: 1 Stunde(n), 37 Minute(n), 42 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden)
Infizierte Dateien: (Keine bösartigen Objekte gefunden) |
15.06.2010, 13:59 | #4 |
| Caught Antimalware Doctor
Here it is with OTL:
OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 15.06.2010 14:44:26 - Run 1 OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\corinna\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18928) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 92,77 Gb Total Space | 25,02 Gb Free Space | 26,97% Space Free | Partition Type: NTFS D: Drive not present or media not loaded Drive E: | 92,07 Gb Total Space | 85,28 Gb Free Space | 92,63% Space Free | Partition Type: NTFS Drive F: | 41,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: CORINNA Current User Name: corinna Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 "" = [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown 
registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-3459218475-2081859320-637963891-1000] "EnableNotifications" = 1 "EnableNotificationsRef" = 2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{EC30F643-9708-4561-BED4-CC127E7E9E9B}" = lport=2869 | protocol=6 | dir=in | app=system | "{ECDE3B44-8796-4058-8F75-EDDD7D1B9633}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04C56B53-093F-4BF0-8547-C5D5DF0B8280}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{0AAC2A18-D6E0-4362-82F1-45FF96AB9662}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe | "{0B649790-9C0C-4DF0-868B-F080A930DF6A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{4833BD69-7F75-46A2-87A0-3217FFCDF2C0}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{56A8094B-C88D-4D8B-A883-EB7A85B87FEE}" = protocol=17 | dir=in | app=c:\program files\metin2_germany\metin2.exe | "{774584F0-178E-41F9-AD30-81BE86C93EB0}" = protocol=6 | dir=in | app=c:\program 
files\yahoo!\messenger\yahoomessenger.exe | "{81D24205-5233-4B14-9436-698ACF284776}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{9C680F9C-2509-4830-9946-7CDD2B4DD072}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{A0EE116D-AF6E-4C83-9D01-509E3950C747}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "{A33180DB-204D-4026-B23A-6D6CA5D2D72E}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe | "{AA0905BC-9DFB-49D8-A4C5-3A46773D428D}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe | "{AF178683-6D49-412E-842D-1EEA13D048D5}" = protocol=6 | dir=in | app=c:\program files\metin2_germany\metin2.exe | "{DCE49346-BD96-4F57-929E-F995F0DCE873}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{E3BF767F-320B-47E1-AAD6-8969A4EE47F9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00004EE8-1E8B-BB10-6588-07DF0D120F6B}" = CCC Help Korean "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02E107FC-1861-FC4A-E80F-07DA9DC5808C}" = Catalyst Control Center Graphics Previews Vista "{03C55715-3545-2DF8-8C64-2BB877955150}" = Catalyst Control Center Localization Chinese Traditional "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{0755396F-D048-8CDD-6AC3-C7C83A6869B5}" = CCC Help Czech "{08B7B1F9-A8EB-7632-FFC3-04AB5328143B}" = CCC Help Chinese Standard "{09F52B2B-8B36-130C-5EBD-6E5FFC5FA0B7}" = CCC Help English "{0E1C53DA-DF86-845A-7BEB-14C4A8E0B150}" = Catalyst Control Center Localization Korean "{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist 
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{15B924BC-AEB2-7E31-F414-1FC7B385846A}" = CCC Help Greek "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{20CFE038-F4CE-0716-DCA0-04BBD67FE5EA}" = CCC Help Turkish "{2126F5BB-AB90-083F-7AA8-A29D73819DAA}" = CCC Help French "{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only) "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26E6EA50-532C-8CF3-5EB4-8C8D306EAB58}" = Catalyst Control Center Localization Polish "{27CD3616-D3B0-834C-89A3-4FC5CEE7374D}" = Catalyst Control Center Graphics Full Existing "{28912B61-0265-3C33-7EC7-14345AC76E3D}" = CCC Help Hungarian "{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime "{2D06C1FE-8454-5663-D0E9-1C130FD96446}" = Catalyst Control Center Localization Norwegian "{30F9E15A-EE25-6D32-62CE-2E6BEAED3766}" = CCC Help Italian "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6 "{342A19C7-3335-C02F-F1DD-3A0B49C3D047}" = Catalyst Control Center Localization Greek "{34EF4F67-A3CE-DAB6-FA06-7C4C59A0D462}" = Catalyst Control Center Localization Swedish "{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba "{3CE22BE4-E2D3-F0E8-1C52-1B5A5F97B876}" = Catalyst Control Center Localization Turkish "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{400F4990-B111-109A-6B08-E80CB42651AA}" = Catalyst Control Center Localization Danish "{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{44479884-EB6D-38DA-1D3E-835625E40F7E}" = Catalyst Control Center Graphics Previews Common "{480CA9F1-17E2-0B15-9684-511C0A083F92}" = Catalyst Control Center Localization Thai "{4F31172C-2692-BB28-8F5B-86474CEC5D33}" = Catalyst Control Center Localization Chinese 
Standard "{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password "{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features "{54AAFB71-6DCB-32EB-8F91-DA7643497ED4}" = Catalyst Control Center Localization Spanish "{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS "{5D1CB0EC-0CA2-B4FD-2A10-2503A3CF7E46}" = Catalyst Control Center Localization Italian "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5EFE618D-0100-6DE7-9894-5FD057103871}" = Catalyst Control Center Core Implementation "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5 "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility "{63D10FBD-5667-DAD9-0B31-CED873B3F7EF}" = Catalyst Control Center Graphics Light "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree "{7936153F-8D09-BC11-6DC4-1D4DEAB9D680}" = CCC Help Thai "{816B8A02-76F0-AE47-E28F-0AD114CC261E}" = CCC Help Polish "{82AB4F83-BBBA-8F04-EE34-11F74E39A4B6}" = Catalyst Control Center Localization German "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86158699-F584-0DC9-119D-C5A6591090FB}" = CCC Help Chinese Traditional "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour 
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) 
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{920E3F1A-0B73-807D-EE0E-E6D89D4E5DDE}" = Catalyst Control Center Localization Dutch "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{985AF15E-776F-3CDD-EB92-2DAFF02697FB}" = Skins "{98CE747E-4948-10B0-BBF0-5981A11114D1}" = Catalyst Control Center Localization Hungarian "{99F54171-AE4A-579B-1544-5870478FC8F7}" = Catalyst Control Center Graphics Full New "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010 "{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support "{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer "{A1BAD23B-748C-50FD-CCA9-956C3F54D138}" = CCC Help German "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver "{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{ABD82299-8034-4B44-4FDB-3F8971C20575}" = CCC Help Finnish "{AC76BA86-7AD7-1031-7B44-A70900000002}" = Adobe Reader 7.0.9 - Deutsch "{ACE07E37-A416-9A6B-D352-C776FFA49493}" = CCC Help Spanish "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter 
"{B2AEC44B-F926-773D-D028-77CADEF8D9D3}" = CCC Help Norwegian "{B537ACDB-7C56-83B6-034C-A5AF6400F789}" = CCC Help Swedish "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B8AB4511-EECC-9299-45B3-F25F4774F6F2}" = CCC Help Russian "{BD75C1A0-F0ED-B54A-B49C-3244B47BA803}" = ccc-utility "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C6317675-96CC-D2AE-40F2-698F3DED64B4}" = CCC Help Portuguese "{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser "{C7FAEA9E-A14C-D8C9-EEE9-8D43F9E09565}" = Catalyst Control Center Localization Czech "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC35C434-FFC8-BDD8-44F0-ED0972484C56}" = CCC Help Dutch "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1 "{D646CA8B-5227-1598-5E9C-132B2D89A38D}" = Catalyst Control Center Localization Japanese "{D8E302CB-8517-3E9B-C6C9-E90A21C6EFC5}" = CCC Help Danish "{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0BB634D-B374-A329-EE5D-22C279F92A7F}" = ccc-core-static "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1C1426C-6670-4068-6398-EB490D45979F}" = Catalyst Control Center Localization Portuguese "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth "{F8B5B814-A3BF-F83F-09ED-AED9EE88211A}" = Catalyst Control Center Localization French "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F927176F-F8F0-FACF-A57E-4F95714B6F00}" = Catalyst Control Center Localization 
Russian
"{FA7BB878-FC13-7548-13D3-18A53381014D}" = CCC Help Japanese
"{FB56EE4D-7CBC-6FDC-E336-52BD269E4CF6}" = Catalyst Control Center Localization Finnish
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online: Die Belagerung des Düsterwalds v03.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Free Studio_is1" = Free Studio version 4.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.7.0
"LogMeIn Hamachi" = LogMeIn Hamachi
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"maxdome - Online Videothek_is1" = maxdome - Online Videothek Version 3.1.0
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"nightclub.de - Ihre Online Videothek_is1" = nightclub.de - Ihre Online Videothek Version 3.1.0
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Uninstall_is1" = Uninstall 1.0.0.1
"WinAce Archiver" = WinAce Archiver
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 15.05.2010 03:38:13 | Computer Name = Corinna | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6708

Error - 15.05.2010 03:38:13 | Computer Name = Corinna | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6708

Error - 15.05.2010 03:38:14 | Computer Name = Corinna | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15.05.2010 03:38:14 | Computer Name = Corinna | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7784

Error - 15.05.2010 03:38:14 | Computer Name = Corinna | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7784

Error - 16.05.2010 08:12:48 | Computer Name = Corinna | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.6001.18904 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: 17a8 Anfangszeit: 01caf4e61f0a4c6b Zeitpunkt der Beendigung: 47

Error - 16.05.2010 08:48:58 | Computer Name = Corinna | Source = Application Hang | ID = 1002
Description = Programm TeamSpeak.exe, Version 2.0.32.60 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen. Prozess-ID: ea0 Anfangszeit: 01caf4f53be7dd2b Zeitpunkt der Beendigung: 14

Error - 16.05.2010 16:00:23 | Computer Name = Corinna | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung TeamSpeak.exe, Version 2.0.32.60, Zeitstempel 0x2a425e19, fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e037dd, Ausnahmecode 0xc0000005, Fehleroffset 0x000bf9cd, Prozess-ID 0x60c, Anwendungsstartzeit 01caf530f56896a0.

Error - 19.05.2010 08:19:39 | Computer Name = Corinna | Source = Google Update | ID = 20
Description =

Error - 20.05.2010 02:18:17 | Computer Name = Corinna | Source = Google Update | ID = 20
Description =

[ Media Center Events ]
Error - 14.12.2009 15:24:51 | Computer Name = Corinna | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.SqmFlushSession failed; Win32 GetLastError returned 0D Prozess: DefaultDomain Objektname: Media Center Guide

[ System Events ]
Error - 14.06.2010 02:34:45 | Computer Name = Corinna | Source = Service Control Manager | ID = 7009
Description =

Error - 14.06.2010 02:34:45 | Computer Name = Corinna | Source = Service Control Manager | ID = 7000
Description =

Error - 14.06.2010 02:35:50 | Computer Name = Corinna | Source = Service Control Manager | ID = 7009
Description =

Error - 14.06.2010 02:35:50 | Computer Name = Corinna | Source = Service Control Manager | ID = 7000
Description =

Error - 14.06.2010 03:04:36 | Computer Name = Corinna | Source = DCOM | ID = 10010
Description =

Error - 15.06.2010 04:57:34 | Computer Name = Corinna | Source = atikmdag | ID = 43034
Description = Unknown EDID version

Error - 15.06.2010 04:57:34 | Computer Name = Corinna | Source = atikmdag | ID = 43034
Description = Unknown EDID version

Error - 15.06.2010 04:57:34 | Computer Name = Corinna | Source = atikmdag | ID = 43034
Description = Unknown EDID version

Error - 15.06.2010 04:58:50 | Computer Name = Corinna | Source = Service Control Manager | ID = 7000
Description =

Error - 15.06.2010 04:58:50 | Computer Name = Corinna | Source = Service Control Manager | ID = 7000
Description =

< End of report >

OTL Logfile:
Code:
OTL logfile created on: 15.06.2010 14:44:26 - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\corinna\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,77 Gb Total Space | 25,02 Gb Free Space | 26,97% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 92,07 Gb Total Space | 85,28 Gb Free Space | 92,63% Space Free | Partition Type: NTFS
Drive F: | 41,17 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CORINNA
Current User Name: corinna
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\corinna\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\System32\msfeedssync.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
PRC - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.)
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)

========== Modules (SafeList) ==========

MOD - C:\Users\corinna\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (TOSHIBA Bluetooth Service) -- File not found
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)

========== Driver Services (SafeList) ==========

DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (klbg) -- C:\Windows\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (CplIR) -- C:\Windows\system32\DRIVERS\CplIR.SYS (COMPAL ELECTRONIC INC.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments)
DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION)
DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.05 21:52:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.05 21:52:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\THBExt [2010.05.30 13:00:28 | 000,000,000 | ---D | M]

[2010.02.26 23:13:11 | 000,000,000 | ---D | M] -- C:\Users\corinna\AppData\Roaming\mozilla\Extensions
[2010.05.05 21:52:47 | 000,000,000 | ---D | M] -- C:\Users\corinna\AppData\Roaming\mozilla\Firefox\Profiles\ibxsgo12.default\extensions
[2010.05.05 21:52:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\corinna\AppData\Roaming\mozilla\Firefox\Profiles\ibxsgo12.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.05 21:52:38 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\corinna\AppData\Roaming\mozilla\Firefox\Profiles\ibxsgo12.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.05.30 13:01:56 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.30 13:01:56 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.01.16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EPSON Stylus Photo R240 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {2665693B-C4F3-434B-83DB-7574CF50C8B7} hxxp://www.kaspersky.com/downloads/misc/kasperskylicensefinder.cab (Kaspersky License Finder)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E4CF4E86-D0DC-4864-8F0E-4F6EA2526334} https://img.web.de/v/smartdrive/v23/activex/web_de_osupload_2002.cab (UI File Upload Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2010\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O24 - Desktop WallPaper: C:\Users\corinna\Desktop\DSC00104.jpg
O24 - Desktop BackupWallPaper: C:\Users\corinna\Desktop\DSC00104.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.06.15 14:41:57 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\corinna\Desktop\OTL.exe
[2010.06.11 12:10:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.06.11 12:10:31 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.06.11 12:10:30 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.06.11 12:10:23 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.06.11 12:10:23 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.06.11 12:10:22 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.06.11 12:10:22 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.06.11 12:10:22 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.06.11 12:10:21 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.06.11 12:10:21 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.06.11 12:10:21 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.06.11 12:10:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.06.11 12:10:21 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.06.11 12:10:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.06.11 12:10:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.06.11 12:10:20 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.06.11 12:10:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.06.11 12:10:20 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.06.11 12:10:17 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.06.10 23:11:20 | 000,000,000 | ---D | C] -- C:\Programme\trend micro
[2010.06.10 23:11:19 | 000,000,000 | ---D | C] -- C:\rsit
[2010.06.10 23:02:45 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.06.10 22:17:02 | 000,000,000 | ---D | C] -- C:\Users\corinna\AppData\Roaming\Malwarebytes
[2010.06.10 22:16:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.06.10 22:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.10 22:16:21 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.06.10 22:16:21 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.06.10 22:13:06 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\corinna\Documents\herbert.exe
[2010.06.10 12:30:19 | 000,000,000 | ---D | C] -- C:\Programme\$NtUninstallWTF1012$
[2010.06.10 12:30:05 | 000,000,000 | ---D | C] -- C:\Users\corinna\AppData\Roaming\882179CC778848AB3F74A1A9A88B27C0
[2010.05.30 12:59:53 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab
[2010.05.30 12:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.05.30 12:59:33 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.05.26 20:07:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.05.25 18:53:10 | 000,000,000 | ---D | C] -- C:\Users\corinna\Desktop\Neuer Ordner
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.15 14:44:41 | 003,145,728 | -HS- | M] () -- C:\Users\corinna\ntuser.dat
[2010.06.15 14:44:33 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FC616336-C8AD-4B3B-B910-F7018157DFCA}.job
[2010.06.15 14:42:05 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\corinna\Desktop\OTL.exe
[2010.06.15 14:17:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.06.15 12:58:26 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.15 12:58:26 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.15 10:59:19 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.06.15 10:58:32 | 000,293,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.06.15 10:58:29 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.15 10:58:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.15 10:56:55 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.14 09:04:41 | 000,524,288 | -HS- | M] () -- C:\Users\corinna\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.06.14 09:04:41 | 000,065,536 | -HS- | M] () -- C:\Users\corinna\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.06.12 00:06:11 | 002,793,215 | -H-- | M] () -- C:\Users\corinna\AppData\Local\IconCache.db
[2010.06.10 23:02:46 | 000,001,675 | ---- | M] () -- C:\Users\corinna\Desktop\CCleaner.lnk
[2010.06.10 22:16:27 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.10 22:14:05 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\corinna\Documents\herbert.exe
[2010.06.10 22:04:54 | 000,363,520 | ---- | M] () -- C:\Users\corinna\Documents\iExplore.exe
[2010.06.10 21:09:45 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010.06.04 08:38:08 | 000,001,401 | ---- | M] () -- C:\Users\corinna\Desktop\DivX Movies.lnk
[2010.06.04 08:37:44 | 000,000,922 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.06.04 08:37:20 | 000,000,962 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010.05.30 17:59:22 | 000,000,979 | ---- | M] () -- C:\Users\corinna\Desktop\Google Talk.lnk
[2010.05.30 14:02:16 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.05.30 13:09:19 | 000,113,933 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010.05.30 13:09:19 | 000,097,549 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010.05.30 12:59:33 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.05.26 19:06:41 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.05.26 16:47:41 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.05.25 18:52:00 | 001,447,610 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.25 18:52:00 | 000,628,910 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.25 18:52:00 | 000,595,946 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.25 18:52:00 | 000,127,412 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.25 18:52:00 | 000,105,276 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.25 18:44:39 | 000,015,414 | -H-- | M] () -- C:\Users\corinna\Desktop\mxfilerelatedcache.mxc2
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.10 23:02:46 | 000,001,675 | ---- | C] () -- C:\Users\corinna\Desktop\CCleaner.lnk
[2010.06.10 22:16:27 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.10 22:04:30 | 000,363,520 | ---- | C] () -- C:\Users\corinna\Documents\iExplore.exe
[2010.06.04 08:37:44 | 000,000,922 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.05.30 17:59:22 | 000,000,979 | ---- | C] () -- C:\Users\corinna\Desktop\Google Talk.lnk
[2010.05.30 13:01:35 | 000,113,933 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010.05.30 13:01:35 | 000,097,549 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.05.25 18:54:20 | 000,772,602 | ---- | C] () -- C:\Users\corinna\Desktop\DSC00104.jpg
[2010.04.15 23:01:35 | 000,000,112 | ---- | C] () -- C:\Windows\Podcasts.INI
[2010.02.25 22:34:33 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.02.25 22:34:33 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.02.25 22:34:31 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.02.25 22:34:30 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.02.25 22:34:28 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010.01.15 15:29:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007.07.12 10:54:33 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.07.12 10:45:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.07.12 10:45:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.07.12 10:45:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.07.12 10:45:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.07.12 10:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll
[2007.04.16 08:35:21 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.04.16 08:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.04.16 07:26:26 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.04.16 07:26:26 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.04.16 07:26:26 | 000,010,146 | ---- | 
C] () -- C:\Windows\System32\tosmreg.ini [2007.04.16 07:26:26 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2007.04.16 07:23:35 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007.04.16 06:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll [2006.12.05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2005.11.23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll [2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll < End of report > |
16.06.2010, 09:39 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Caught Antimalware Doctor That looks unremarkable. Any problems left?
__________________ Please always post log files in CODE tags |
16.06.2010, 14:13 | #6 |
| Caught Antimalware Doctor I think I got rid of it! Thanks for the help, you guys are great!!! |
16.06.2010, 15:33 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Caught Antimalware Doctor Then please check your updates; here is my guide:
Microsoft Update: Windows XP: Visit the MS update site with IE and let it install all important updates. Windows Vista/7: Windows Update guide
Update the PDF reader: Your Adobe Reader is out of date, which is a major security risk. You should therefore uninstall the old version via Control Panel => Software by clicking "Adobe Reader x.0" there and removing the program. I recommend an alternative PDF reader such as SumatraPDF or Foxit PDF Reader; both are much leaner and faster than Adobe Reader. While you are at it, please also check that your Flash Player is up to date; here is the direct download link => http://filepony.de/?q=Flash+Player
Java update: Outdated Java installations are a security risk, so you should delete the old versions (if any) and update to the latest one. To do so, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.
__________________ Please always post log files in CODE tags |