Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Security Shield entfernt? & Firefox fehlerhaft ("angehalten")

Security Shield entfernt? & Firefox fehlerhaft ("angehalten")


Plagegeister aller Art und deren Bekämpfung: Security Shield entfernt? & Firefox fehlerhaft ("angehalten")

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 04.02.2011, 18:46   #1
Gaukli
 
Security Shield entfernt? & Firefox fehlerhaft ("angehalten") - Standard

Security Shield entfernt? & Firefox fehlerhaft ("angehalten")


Drumherum
Mein Computer hat sei längerem das Problem, dass Firefox teilweise, nachdem ich Firefox geschlossen habe, nicht wieder geöffnet werden kann. Ich muss dann erst im Task Manager Firefox beenden, bevor ich Firefox erneut geöffnet bekomme.

Die Internetverbindung trennt sich häufig. Das ist in den letzten Tagen wieder verstärkt aufgetreten. (Ich dachte, dass das einfach mit schlechtem Empfang meines Laptops zu tun hat. Bei anderen Laptops gibt's das Problem nicht.)

Konkrete Probleme
AntiVir hatte mir in den letzten Tagen häufiger eine Warnung gegeben vor TR/Karagany.A.8 Gestern (03.02) habe ich meinen Computer mit AntiVir und mit Spybot Search & Destroy gescannt und repariert (naive Hoffnung).

Gestern Abend (03.02) hatte ich dann das Problem, dass Firefox nur noch die Google-Startseite aufgerufen, aber keine anderen Seiten mehr geladen hat. In der Statusleiste stand "Angehalten". Der Internet Explorer und Google Chrome haben ebenfalls keine Seiten mehr aufgerufen. Ich habe Firefox dann im abgesicherten Modus gestartet und zunächst keine Probleme gehabt.

Heute Morgen hat sich dann unmittelbar nach dem Hochfahren des Computers das Programm "Security Shield" gemeldet. Firefox lies sich zunächst auch nicht mehr im abgesicherten Modus öffnen.

Vorhin konnte ich Firefox dann doch im abgesicherten Modus öffnen und die Anweisungen zur Entfernung des "Sercurity Shields" ausführen. Nach dem Neustart hat sich Security Shield nicht mehr gemeldet und wird auch in der Programmliste nicht mehr aufgeführt. Allerdings ließ sich Firefox erneut nicht öffnen (auch nicht im abgesicherten Modus). Augenblicklich nutze ich den Internet Explorer, der gerade problemlos läuft.

Meine Bitte wäre nun, dass ihr mir zum einen dabei helft herauszufinden, ob Security Shield vollständig entfernt worden ist (im entsprechenden Thread zur Entfernung von Security Shield habt ihr dies ja vorgeschlagen). Zum anderen wüsste ich gerne, woher meine Probleme mit Firefox rühren und wie ich die Sache in Ordnung bringen kann.

Ich bedanke mich schon einmal im Voraus für eure Hilfe.

Ich habe das Logfile vom letzten AntiVir-Scan, von AntiMalware sowie die beiden von OTL beigefügt. So wie ich das verstanden haben, sind das die ersten Logfiles, die man beifügen soll. Entschuldigt bitte, falls ich da etwas übersehen habe.

EDIT: Gerade bekomme ich von AntiVir die Warnung vor: TR/Crypt.XPACK.Gen2
Ich nutze jetzt erst einmal den anderen Laptop und hoffe, dass ihr mir weiterhelfen könnt.

Code:
ATTFilter
Avira AntiVir Personal
Report file date: Donnerstag, 3. Februar 2011  07:53

Scanning for 2449642 virus strains and unwanted programs.

Licensee        : Avira AntiVir Personal - FREE Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows Vista
Windows version : (Service Pack 2)  [6.0.6002]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : JAN-PC

Version information:
BUILD.DAT       : 9.0.0.429     21701 Bytes  06.10.2010 10:04:00
AVSCAN.EXE      : 9.0.3.10     466689 Bytes  20.11.2009 16:48:11
AVSCAN.DLL      : 9.0.3.0       40705 Bytes  27.02.2009 09:58:24
LUKE.DLL        : 9.0.3.2      209665 Bytes  20.02.2009 10:35:49
LUKERES.DLL     : 9.0.2.0       12033 Bytes  27.02.2009 09:58:52
VBASE000.VDF    : 7.10.0.0   19875328 Bytes  06.11.2009 16:48:10
VBASE001.VDF    : 7.11.0.0   13342208 Bytes  14.12.2010 08:39:09
VBASE002.VDF    : 7.11.0.1       2048 Bytes  14.12.2010 08:39:10
VBASE003.VDF    : 7.11.0.2       2048 Bytes  14.12.2010 08:39:10
VBASE004.VDF    : 7.11.0.3       2048 Bytes  14.12.2010 08:39:10
VBASE005.VDF    : 7.11.0.4       2048 Bytes  14.12.2010 08:39:10
VBASE006.VDF    : 7.11.0.5       2048 Bytes  14.12.2010 08:39:10
VBASE007.VDF    : 7.11.0.6       2048 Bytes  14.12.2010 08:39:10
VBASE008.VDF    : 7.11.0.7       2048 Bytes  14.12.2010 08:39:10
VBASE009.VDF    : 7.11.0.8       2048 Bytes  14.12.2010 08:39:10
VBASE010.VDF    : 7.11.0.9       2048 Bytes  14.12.2010 08:39:10
VBASE011.VDF    : 7.11.0.10      2048 Bytes  14.12.2010 08:39:10
VBASE012.VDF    : 7.11.0.11      2048 Bytes  14.12.2010 08:39:10
VBASE013.VDF    : 7.11.0.52    128000 Bytes  16.12.2010 10:00:16
VBASE014.VDF    : 7.11.0.91    226816 Bytes  20.12.2010 13:36:23
VBASE015.VDF    : 7.11.0.122    136192 Bytes  21.12.2010 19:25:28
VBASE016.VDF    : 7.11.0.156    122880 Bytes  24.12.2010 19:25:29
VBASE017.VDF    : 7.11.0.185    146944 Bytes  27.12.2010 13:23:06
VBASE018.VDF    : 7.11.0.228    132608 Bytes  30.12.2010 13:23:07
VBASE019.VDF    : 7.11.1.5     148480 Bytes  03.01.2011 10:11:45
VBASE020.VDF    : 7.11.1.37    156672 Bytes  07.01.2011 18:00:33
VBASE021.VDF    : 7.11.1.65    140800 Bytes  10.01.2011 11:01:18
VBASE022.VDF    : 7.11.1.87    225280 Bytes  11.01.2011 11:01:11
VBASE023.VDF    : 7.11.1.124    125440 Bytes  14.01.2011 14:24:07
VBASE024.VDF    : 7.11.1.155    132096 Bytes  17.01.2011 15:56:03
VBASE025.VDF    : 7.11.1.189    451072 Bytes  20.01.2011 15:56:26
VBASE026.VDF    : 7.11.1.230    138752 Bytes  24.01.2011 17:29:35
VBASE027.VDF    : 7.11.2.12    164352 Bytes  27.01.2011 14:21:05
VBASE028.VDF    : 7.11.2.43    178176 Bytes  01.02.2011 15:45:48
VBASE029.VDF    : 7.11.2.44      2048 Bytes  01.02.2011 15:45:48
VBASE030.VDF    : 7.11.2.45      2048 Bytes  01.02.2011 15:45:49
VBASE031.VDF    : 7.11.2.59    105472 Bytes  02.02.2011 21:20:25
Engineversion   : 8.2.4.158
AEVDF.DLL       : 8.1.2.1      106868 Bytes  16.08.2010 07:51:36
AESCRIPT.DLL    : 8.1.3.53    1282427 Bytes  31.01.2011 14:21:59
AESCN.DLL       : 8.1.7.2      127349 Bytes  22.11.2010 17:27:57
AESBX.DLL       : 8.1.3.2      254324 Bytes  22.11.2010 17:28:27
AERDL.DLL       : 8.1.9.2      635252 Bytes  22.09.2010 18:22:04
AEPACK.DLL      : 8.2.4.9      512374 Bytes  31.01.2011 14:21:50
AEOFFICE.DLL    : 8.1.1.16     205179 Bytes  31.01.2011 14:21:43
AEHEUR.DLL      : 8.1.2.70    3191159 Bytes  31.01.2011 14:21:42
AEHELP.DLL      : 8.1.16.0     246136 Bytes  03.12.2010 16:50:39
AEGEN.DLL       : 8.1.5.2      397683 Bytes  20.01.2011 15:56:39
AEEMU.DLL       : 8.1.3.0      393589 Bytes  22.11.2010 17:26:24
AECORE.DLL      : 8.1.19.2     196983 Bytes  20.01.2011 15:56:31
AEBB.DLL        : 8.1.1.0       53618 Bytes  24.04.2010 11:10:15
AVWINLL.DLL     : 9.0.0.3       18177 Bytes  12.12.2008 07:47:59
AVPREF.DLL      : 9.0.3.0       44289 Bytes  04.10.2009 09:45:01
AVREP.DLL       : 8.0.0.7      159784 Bytes  19.02.2010 18:12:35
AVREG.DLL       : 9.0.0.0       36609 Bytes  05.12.2008 09:32:09
AVARKT.DLL      : 9.0.0.3      292609 Bytes  24.03.2009 14:05:41
AVEVTLOG.DLL    : 9.0.0.7      167169 Bytes  30.01.2009 09:37:08
SQLITE3.DLL     : 3.6.1.0      326401 Bytes  28.01.2009 14:03:49
SMTPLIB.DLL     : 9.2.0.25      28417 Bytes  02.02.2009 07:21:33
NETNT.DLL       : 9.0.0.0       11521 Bytes  05.12.2008 09:32:10
RCIMAGE.DLL     : 9.0.0.25    2438913 Bytes  15.05.2009 14:39:58
RCTEXT.DLL      : 9.0.73.0      86785 Bytes  20.11.2009 16:48:06

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:, 
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Donnerstag, 3. Februar 2011  07:53

Starting search for hidden objects.
'115155' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'java.exe' - '1' Module(s) have been scanned
Scan process 'java.exe' - '1' Module(s) have been scanned
Scan process 'jp2launcher.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'hpqgpc01.exe' - '1' Module(s) have been scanned
Scan process 'hpqbam08.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'SynTPHelper.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'WinMail.exe' - '1' Module(s) have been scanned
Scan process 'CFSwMgr.exe' - '1' Module(s) have been scanned
Scan process 'CEC_MAIN.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'WZQKPICK.EXE' - '1' Module(s) have been scanned
Scan process 'PDFCreator.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'TOSCDSPD.exe' - '1' Module(s) have been scanned
Scan process 'sidebar.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'Toshiba.Tempo.UI.TrayApplication.exe' - '1' Module(s) have been scanned
Scan process 'TCrdMain.exe' - '1' Module(s) have been scanned
Scan process 'SmoothView.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'TPwrMain.exe' - '1' Module(s) have been scanned
Scan process 'traybar.exe' - '1' Module(s) have been scanned
Scan process 'DesktopSMS.exe' - '1' Module(s) have been scanned
Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
Scan process 'PicasaMediaDetector.exe' - '1' Module(s) have been scanned
Scan process 'TOPI.exe' - '1' Module(s) have been scanned
Scan process 'NDSTray.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'igfxtray.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ULCDRSvr.exe' - '1' Module(s) have been scanned
Scan process 'TosIPCSrv.exe' - '1' Module(s) have been scanned
Scan process 'TosCoSrv.exe' - '1' Module(s) have been scanned
Scan process 'TODDSrv.exe' - '1' Module(s) have been scanned
Scan process 'TNaviSrv.exe' - '1' Module(s) have been scanned
Scan process 'TempoSVC.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PresentationFontCache.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
89 processes with 89 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'E:\'
    [INFO]      No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '64' files ).


Starting the file scan:

Begin scan in 'C:\' <Vista>
C:\hiberfil.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\pagefile.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\7477e2a3-6c98713b
  [0] Archive type: ZIP
    --> bpac/purok.class
      [DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AI Java virus
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7a2395b4-304c0f2a
  [0] Archive type: ZIP
    --> bpac/purok.class
      [DETECTION] Contains recognition pattern of the JAVA/OpenConnect.AI Java virus
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\df36b76-71359fee
    [DETECTION] Is the TR/Karagany.A.8 Trojan
Begin scan in 'E:\' <Data>

Beginning disinfection:
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\7477e2a3-6c98713b
    [NOTE]      The file was moved to '4d816aa7.qua'!
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7a2395b4-304c0f2a
    [NOTE]      The file was moved to '4d7c6ad4.qua'!
C:\Users\Jan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\df36b76-71359fee
    [DETECTION] Is the TR/Karagany.A.8 Trojan
    [NOTE]      The file was moved to '4d7d6ad9.qua'!


End of the scan: Donnerstag, 3. Februar 2011  09:42
Used time:  1:20:11 Hour(s)

The scan has been done completely.

  24753 Scanned directories
 666575 Files were scanned
      3 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      3 Files were moved to quarantine
      0 Files were renamed
      2 Files cannot be scanned
 666570 Files not concerned
   4082 Archives were scanned
      2 Warnings
      5 Notes
 115155 Objects were scanned with rootkit scan
      0 Hidden objects were found
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 04.02.2011 16:50:14 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Jan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,45 Gb Total Space | 14,69 Gb Free Space | 19,73% Space Free | Partition Type: NTFS
Drive E: | 73,13 Gb Total Space | 68,23 Gb Free Space | 93,30% Space Free | Partition Type: NTFS
 
Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0579E38B-7B7A-46D7-966A-5F1DC9BB8748}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{0580F561-7E32-46F2-83DE-128D48DC0757}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe | 
"{255551B1-45B6-4542-8C7C-E655E3EFB3E0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{6C11904D-48B7-4B35-9C03-1A4B4535F167}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{77EA3867-ADF6-4B7B-B62A-4E9848B31672}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{86EAC92A-6CF3-4428-9F2E-991EA287930A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"TCP Query User{2035764F-6783-46A7-886B-D2FE78991216}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe | 
"TCP Query User{674B4DF3-E57A-4720-9952-47A1E82E14D6}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{AAF75848-93C8-4BEC-BA6D-D9B195229F14}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe | 
"TCP Query User{BA44F4A7-00C7-4E69-8D87-3FD76479761E}C:\program files\yworks\yed\yed.exe" = protocol=6 | dir=in | app=c:\program files\yworks\yed\yed.exe | 
"TCP Query User{C4FD95F1-2555-4551-8B39-35ECE24A39B9}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{0A8BDEA7-E741-4797-9525-DAA2CA8A8C7B}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe | 
"UDP Query User{2BEA95F9-BC61-4FCC-8978-20153294151E}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe | 
"UDP Query User{61C54551-685B-4A21-9900-C6E9A2735C92}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe | 
"UDP Query User{9F642B8D-0D0D-4957-B577-B27611BD0D89}C:\program files\yworks\yed\yed.exe" = protocol=17 | dir=in | app=c:\program files\yworks\yed\yed.exe | 
"UDP Query User{BB0E4F33-2E10-42BF-A708-B73D2BB15793}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}" = Toshiba TEMPRO
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java(TM) 6 Update 18
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{431CD81E-D6D1-42D0-BE0F-B9AB87298644}" = Rund um ... Biologie heute entdecken 2 (Teil 1)
"{44B2E182-DD85-45FC-9F51-326B81D7C7F1}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{56995235-B76E-44A6-BA17-8FF13D3F907A}" = TOSHIBA Benutzerhandbücher
"{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}" = Driver Detective
"{582D2A53-F426-4C5E-A2E6-43C1AB36B907}" = Safari
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5C79D312-F68F-4B04-8A4F-E28A0AE1ECBB}" = CrissCross 8.20
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6DA9102E-199F-43A0-A36B-6EF48081A658}" = Systemsteuerung "MobileMe"
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730837D4-FF5E-48DB-BA49-33E732DFF0B3}" = PanoStandAlone
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7988ba74-4a27-4685-991a-53f072f22808}" = F2200_Help
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{895722FE-25FE-4854-95AC-B0C42F9DBEDA}" = REALTEK RTL8187B Wireless LAN Driver
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{907EB772-0B10-4209-B918-FE80355BB66A}" = Rund um ... Biologie heute entdecken 2 (Teil 2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A90000000001}" = Adobe Reader 9 - Deutsch
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B34E4B72-37C6-4f79-A5B3-008EEFC6EA8B}" = PS_AIO_02_Software_min
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B46AC30C-22D2-4610-B041-1DA7BB29EB57}" = HP Photosmart All-In-One Software 9.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{B7E5D642-E74E-40a4-B5C7-6AB6EE916814}" = PS_AIO_02_ProductContext
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BAFFEF7F-08B3-45b3-B215-418175C4E9DD}" = c5200_Help
"{BC10649A-983B-494e-AD1F-DE0BF717D701}" = PS_AIO_02_Software
"{c6922d7f-c698-4d9e-9671-8b3de04d1511}" = DJ_AIO_03_F2200_Software_Min
"{C708333C-B1B9-43be-B797-49FEC7A8D15B}" = C5200
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E03284-66FD-4292-8239-504CEC5B0CC3}" = C5200_doccd
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D77D43B5-ED55-426b-B67B-E21F804F6102}" = HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{db18dc72-cd20-4801-be82-f5d2caeec4d7}" = DJ_AIO_03_F2200_Software
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"{e97a9fd7-2fa1-4474-820d-3f8893a5b78a}" = F2200
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{eca3039b-e429-420f-bd5e-7dec0683fc32}" = DJ_AIO_03_F2200_ProductContext
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"ElsterFormular 11.3.0.4235" = ElsterFormular
"ExpressBurn" = Express Burn
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (D)
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = HP OCR Software 9.0
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TRDCReminder
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORDCLauncher
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"MAGIX Digital Foto Maker SE D" = MAGIX Digital Foto Maker SE 4.1.0.835 (D)
"MAGIX Foto Suite D" = MAGIX Foto Suite 1.12.0.89 (D)
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"myphotobook" = myphotobook 3.5
"PDFCreator Toolbar" = PDFCreator Toolbar
"Picasa2" = Picasa 2
"Samsung ML-1440 Series" = Samsung ML-1440 Series
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"yEd Graph Editor 3.3.0.2" = yEd Graph Editor 3.3.0.2
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 12.08.2010 13:58:05 | Computer Name = Jan-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.08.2010 14:58:05 | Computer Name = Jan-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.08.2010 15:58:05 | Computer Name = Jan-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.08.2010 16:58:05 | Computer Name = Jan-PC | Source = Google Update | ID = 20
Description = 
 
Error - 12.08.2010 17:58:05 | Computer Name = Jan-PC | Source = Google Update | ID = 20
Description = 
 
Error - 16.08.2010 03:49:05 | Computer Name = Jan-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.08.2010 03:50:49 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.08.2010 03:50:50 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.08.2010 03:50:50 | Computer Name = Jan-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 16.08.2010 16:55:53 | Computer Name = Jan-PC | Source = Google Update | ID = 20
Description = 
 
[ System Events ]
Error - 03.02.2011 14:15:02 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 03.02.2011 14:27:35 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 03.02.2011 14:27:57 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 04.02.2011 02:59:43 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 04.02.2011 03:01:12 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 04.02.2011 10:54:41 | Computer Name = Jan-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 04.02.2011 um 15:53:29 unerwartet heruntergefahren.
 
Error - 04.02.2011 10:54:53 | Computer Name = JAN-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 04.02.2011 10:56:40 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 04.02.2011 11:28:16 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7000
Description = 
 
Error - 04.02.2011 11:29:50 | Computer Name = Jan-PC | Source = Service Control Manager | ID = 7022
Description = 
 
 
< End of report >
--- --- ---


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 04.02.2011 16:50:14 - Run 1
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\Jan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,45 Gb Total Space | 14,69 Gb Free Space | 19,73% Space Free | Partition Type: NTFS
Drive E: | 73,13 Gb Total Space | 68,23 Gb Free Space | 93,30% Space Free | Partition Type: NTFS
 
Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jan\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\PDFCreator\PDFCreator.exe (pdfforge  hxxp://www.pdfforge.org/)
PRC - C:\Programme\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH)
PRC - C:\Programme\Toshiba TEMPRO\TempoSVC.exe (Toshiba Europe GmbH)
PRC - C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe (Google)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe ()
PRC - C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
PRC - c:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION)
PRC - c:\Programme\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
PRC - C:\Programme\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
PRC - C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
PRC - C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Jan\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SBSDWSCService) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (TempoMonitoringService) -- C:\Program Files\Toshiba TEMPRO\TempoSVC.exe (Toshiba Europe GmbH)
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (TNaviSrv) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe (TOSHIBA Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TosCoSrv) -- c:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation)
SRV - (ConfigFree Service) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (TOSHIBA SMART Log Service) -- c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (TOSHIBA Corporation)
SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (RTL8187B) -- C:\Windows\System32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation                           )
DRV - (UVCFTR) -- C:\Windows\System32\drivers\UVCFTR_S.SYS (Chicony Electronics Co., Ltd.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (FwLnk) -- C:\Windows\System32\drivers\FwLnk.sys (TOSHIBA Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,AlwaysUseDefaultPrinter = yes
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..keyword.URL: "hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.18 14:37:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.18 14:37:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.13 10:17:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2010.10.30 14:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions
[2010.10.30 14:05:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.02.03 19:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\cgxmwb05.default\extensions
[2010.11.03 13:06:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\cgxmwb05.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.28 07:04:49 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\cgxmwb05.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011.01.24 08:29:16 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\cgxmwb05.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.29 16:35:10 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\cgxmwb05.default\extensions\vshare@toolbar
[2010.08.29 16:35:20 | 000,001,583 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cgxmwb05.default\searchplugins\web-search.xml
[2010.03.23 11:54:05 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2008.10.14 09:24:20 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2008.12.17 10:22:21 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2010.03.23 11:54:05 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.10.27 11:25:28 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 11:25:28 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.27 11:25:28 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.27 11:25:28 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.27 11:25:28 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (PDFCreator Toolbar Helper) - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PDFCreator Toolbar) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Programme\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll ()
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe]  File not found
O4 - HKLM..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [Toshiba TEMPO] C:\Programme\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe (Toshiba Europe GmbH)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [{D1240F9F-9800-DEC4-E831-E5EE14C53E2B}]  File not found
O4 - HKCU..\Run: [BthcrtUsb] C:\Users\Jan\AppData\Local\SystemWIMusic\BthcrtUsb.dll ()
O4 - HKCU..\Run: [DRWAtend] C:\Users\Jan\AppData\Local\Temp\bootlder.dll (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKCU..\RunOnce: [663E66980AFE4A16147DE549415F40FD366EBB490CA145710BEBEC882447458D] C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\report.exe ()
O4 - Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Programme\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} -  File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} -  File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: HP Intelligente Auswahl - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programme\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{379ce609-7f3e-11dd-8459-001e33574223}\Shell\AutoRun\command - "" = D:\
O33 - MountPoints2\{379ce609-7f3e-11dd-8459-001e33574223}\Shell\open\Command - "" = rundll32.exe .\desktop.dll,InstallM
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.04 16:48:51 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2011.02.04 16:08:16 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes
[2011.02.04 16:08:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.02.04 16:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.04 16:08:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.04 16:08:00 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.02.04 16:08:00 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.02.04 08:13:36 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\Users\Jan\AppData\Local\linhsvli.exe
[2011.02.02 21:37:00 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Wouqsi
[2011.02.02 21:37:00 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Ukehom
[2011.02.02 21:12:02 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Help
[2011.01.17 16:51:04 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\SystemWIMusic
[2011.01.17 16:50:41 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\27595
[2011.01.16 12:34:56 | 000,000,000 | ---D | C] -- C:\Users\Jan\Desktop\Fotos
[2011.01.12 11:34:13 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.01.12 11:34:10 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.04 16:53:01 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.02.04 16:48:59 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Desktop\OTL.exe
[2011.02.04 16:32:48 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.04 16:32:48 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.04 16:32:48 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.04 16:32:48 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.04 16:31:28 | 000,001,833 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
[2011.02.04 16:28:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.04 16:28:28 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.04 16:28:22 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.02.04 16:28:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.04 16:27:57 | 2134,888,448 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.04 16:08:04 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.04 08:13:36 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\Users\Jan\AppData\Local\linhsvli.exe
[2011.01.26 15:24:30 | 000,010,107 | ---- | M] () -- C:\Users\Jan\Desktop\Kündigung.odt
[2011.01.26 14:10:27 | 000,027,098 | ---- | M] () -- C:\Users\Jan\Desktop\BescheinigungASSP§44Abs4.pdf
[2011.01.15 16:57:00 | 000,001,976 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.04 16:08:04 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.26 15:20:29 | 000,010,107 | ---- | C] () -- C:\Users\Jan\Desktop\Kündigung.odt
[2011.01.26 14:10:27 | 000,027,098 | ---- | C] () -- C:\Users\Jan\Desktop\BescheinigungASSP§44Abs4.pdf
[2009.08.08 10:44:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.03.03 23:20:20 | 000,006,656 | ---- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.10.01 13:34:07 | 000,000,016 | -H-- | C] () -- C:\Users\Jan\AppData\Roaming\mxfilerelatedcache.mxc2
[2008.10.01 13:34:07 | 000,000,016 | -H-- | C] () -- C:\Users\Jan\AppData\Local\mxfilerelatedcache.mxc2
[2008.09.19 11:08:39 | 000,003,227 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.09.04 10:00:14 | 000,000,934 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\wklnhst.dat
[2008.02.22 10:34:00 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008.02.18 16:58:18 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.02.18 16:44:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.02.18 16:44:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.02.18 16:44:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.02.18 16:44:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.02.18 16:44:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.02.18 16:44:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.02.18 15:57:01 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.02.18 15:55:43 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2008.02.18 15:55:43 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008.02.18 15:55:43 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2008.02.18 15:55:43 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008.01.28 17:01:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008.01.28 17:01:06 | 000,471,040 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008.01.28 16:53:02 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008.01.28 16:53:02 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008.01.28 16:53:02 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008.01.28 16:52:28 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

< End of report >
--- --- ---


Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5675

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

04.02.2011 16:25:09
mbam-log-2011-02-04 (16-25-09).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 149619
Laufzeit: 7 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
c:\program files\IDM\desktop sms\desktopsms.exe (Worm.P2P) -> 2980 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{D1240F9F-9800-DEC4-E831-E5EE14C53E2B} (Trojan.Dropper) -> Value: {D1240F9F-9800-DEC4-E831-E5EE14C53E2B} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Desktop SMS (Worm.P2P) -> Value: Desktop SMS -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Jan\AppData\Roaming\Wouqsi\lyyw.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\_ex-68.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Jan\AppData\Roaming\microsoft\Windows\start menu\Programs\security shield.lnk (Rogue.SecurityShield) -> Quarantined and deleted successfully.
c:\Users\Jan\AppData\Roaming\microsoft\Windows\start menu\Programs\Startup\AdbUpd.lnk (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\IDM\desktop sms\desktopsms.exe (Worm.P2P) -> Quarantined and deleted successfully.
Geändert von Gaukli (04.02.2011 um 18:53 Uhr)

 

Themen zu Security Shield entfernt? & Firefox fehlerhaft ("angehalten")
32 bit, adblock, audiodg.exe, avgntflt.sys, bho, bonjour, computer, corp./icp, desktop, druck, dwm.exe, entfernt?, error, excel, excel.exe, firefox, flash player, google chrome, home, home premium, iastor.sys, iexplore.exe, install.exe, internet explorer, intranet, location, logfile, microsoft office word, moved, mozilla, mozilla thunderbird, nicht öffnen, nt.dll, nvstor.sys, office 2007, oldtimer, otl.exe, plug-in, problem, programdata, programm, realtek, safer networking, saver, searchplugins, security, security update, senden, server, shell32.dll, software, start menu, svchost.exe, tr/crypt.xpack.ge, uleadburninghelper, usb, usb 2.0, virus, warnung, windows, windows system, worm.p2p


« Soeben über Webseite wieder HDD Tool/Memory Optimzer eingefangen | Ratlos... ich kann google nicht mehr aufrufen »


Ähnliche Themen: Security Shield entfernt? & Firefox fehlerhaft ("angehalten")


  1. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  2. Infektion "Internet Security Pro"/ "wmdefender.exe" unter Vista; Keine Erkennung mit MBAM
    Log-Analyse und Auswertung - 22.08.2013 (19)
  3. TrendMicro Worry Free Business Security meldet: "At1.job" und "ojswjz.ouu" (Mal_DownadJ und WORM_DOWNAD.AD)
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (28)
  4. "Live Security Platinum" - erfolgreich entfernt?
    Log-Analyse und Auswertung - 10.09.2012 (1)
  5. "Live Security Platinum" vollständig entfernt? Logs anbei.
    Log-Analyse und Auswertung - 03.08.2012 (33)
  6. Security Shield (trojan.lameshield) entfernt - Rootkits?
    Plagegeister aller Art und deren Bekämpfung - 10.07.2012 (21)
  7. Security Shield - komplett entfernt?
    Log-Analyse und Auswertung - 09.07.2012 (13)
  8. Fake-Programm "Security Shield 2012" beim PC-Start
    Plagegeister aller Art und deren Bekämpfung - 28.06.2012 (1)
  9. My Security Shield Virus vollständig entfernt? OTL Logfiles
    Log-Analyse und Auswertung - 23.04.2012 (8)
  10. Trojaner Security Shield sicher vom System entfernt?
    Log-Analyse und Auswertung - 06.04.2012 (12)
  11. Startseite fehlerhaft, stets "NatWest" (www.nwolb.com) Trojaner "Trojan.ZBotR.Gen" gefunden
    Log-Analyse und Auswertung - 02.04.2012 (28)
  12. "Security Shield"-Trojaner soeben eingefangen
    Plagegeister aller Art und deren Bekämpfung - 23.03.2012 (1)
  13. My Security Shield erfolgreich entfernt?
    Log-Analyse und Auswertung - 28.12.2011 (3)
  14. "Malware Protection" entfernt und nun "Windows Vista Restore" und diverse Festplattenwarnungen
    Plagegeister aller Art und deren Bekämpfung - 17.06.2011 (28)
  15. "Security Shield" (rouge) legt Rechner lahm
    Plagegeister aller Art und deren Bekämpfung - 24.05.2011 (12)
  16. Trojaner "Security Shield"
    Plagegeister aller Art und deren Bekämpfung - 03.01.2011 (22)
  17. "Security Trobuleshooting" und "Online Security Guide"
    Plagegeister aller Art und deren Bekämpfung - 10.06.2008 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Security Shield entfernt? & Firefox fehlerhaft ("angehalten") - Drumherum Mein Computer hat sei längerem das Problem, dass Firefox teilweise, nachdem ich Firefox geschlossen habe, nicht wieder geöffnet werden kann. Ich muss dann erst im Task Manager Firefox beenden, - Security Shield entfernt? & Firefox fehlerhaft ("angehalten")...
Archiv
Du betrachtest: Security Shield entfernt? & Firefox fehlerhaft ("angehalten") auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131