internet: FF und IE öffnen die seiten extram langsam

aspirin · 14.02.2011, 16:31

hi ihr spezialisten,
ich habe seit über ne woche ein mühsames problem.
meine browser öffnen die seiten extrem langsam. gestern lief es einwandfrei "keine ahnung wieso".
heute morgen wurde ein wichtiges update vom system installiert und seither öffnen sich die seiten wieder extreme lahm.

ich hoffe ihr findet den übeltäter anhand dieser anhänge und könnt mir weiterhelfen. ich bin zu unqualifiziert und verstehe in diesen text dokumenten nur bahnhof...

mfg
aspirin

Log MBAM

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5760

Windows 6.1.7600
Internet Explorer 9.0.7930.16406

14.02.2011 15:43:29
mbam-log-2011-02-14 (15-43-29).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 182142
Laufzeit: 1 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL.Txt

Code:

ATTFilter

OTL logfile created on: 14.02.2011 15:48:08 - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\selo2\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 89,38 Gb Free Space | 76,76% Space Free | Partition Type: NTFS
Drive D: | 116,05 Gb Total Space | 108,66 Gb Free Space | 93,63% Space Free | Partition Type: NTFS
 
Computer Name: NECATI-TOSH | User Name: selo2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.02.14 15:46:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\selo2\Desktop\OTL.exe
PRC - [2011.01.27 16:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010.12.03 20:43:34 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.08.27 16:20:14 | 001,811,456 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
PRC - [2010.08.15 18:54:50 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2010.06.03 15:09:00 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010.05.01 15:55:36 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2010.04.24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.04.24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.03.09 01:23:22 | 001,086,760 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
PRC - [2010.03.03 11:47:38 | 004,581,280 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
PRC - [2010.01.15 13:08:38 | 000,935,208 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.07.28 19:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.02.14 15:46:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\selo2\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.07.27 20:53:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.05.25 19:08:30 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010.02.05 16:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.07.28 13:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2011.01.27 16:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010.08.27 16:20:14 | 001,811,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.07.01 10:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010.05.11 08:40:52 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010.04.24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.04.24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.28 15:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010.01.15 13:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2010.11.02 16:48:38 | 001,103,464 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010.09.28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.09.24 07:55:21 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CeKbFilter.sys -- (CeKbFilter)
DRV:64bit: - [2010.07.27 21:22:14 | 007,450,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.07.27 20:16:52 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.06.23 16:10:56 | 000,344,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.04.24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.04.24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.04.24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.04.24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.03.22 09:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2010.03.10 17:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.01.27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010.01.07 08:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.10.07 17:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.10.07 17:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.30 18:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.14 14:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.22 16:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 09:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.12 00:35:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.12 00:35:54 | 000,000,000 | ---D | M]
 
[2011.02.12 00:36:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\selo2\AppData\Roaming\mozilla\Extensions
[2011.02.12 00:36:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\selo2\AppData\Roaming\mozilla\Firefox\Profiles\zm2z58cy.default\extensions
[2011.02.12 00:35:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.01.15 00:19:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Programme\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.14 15:46:25 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\selo2\Desktop\OTL.exe
[2011.02.14 15:40:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.02.14 15:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.02.14 15:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011.02.14 15:30:56 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Malwarebytes
[2011.02.14 15:30:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.14 15:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.14 15:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.14 15:30:08 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.14 15:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.14 15:29:00 | 000,000,000 | ---D | C] -- C:\Users\selo2\Desktop\MFTools
[2011.02.14 11:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
[2011.02.14 03:00:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.02.14 00:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2011.02.13 22:39:29 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\SoftGrid Client
[2011.02.13 22:39:28 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\SoftGrid Client
[2011.02.13 22:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.02.13 22:37:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.02.13 22:37:28 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.02.13 22:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011.02.13 22:37:04 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\TP
[2011.02.13 04:06:02 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\ElevatedDiagnostics
[2011.02.12 17:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2011.02.12 01:05:19 | 000,521,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.02.12 01:05:19 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011.02.12 01:05:19 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011.02.12 01:05:18 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011.02.12 01:05:07 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.02.12 00:36:00 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Mozilla
[2011.02.12 00:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.02.12 00:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.02.12 00:05:35 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\InstallShield
[2011.02.12 00:05:30 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\WinBatch
[2011.02.11 23:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011.02.11 22:31:33 | 000,921,512 | ---- | C] (Symantec Corporation) -- C:\Users\selo2\Desktop\Norton_Removal_Tool_2011.exe
[2011.02.11 21:29:29 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\COMPUTERBILD Browser-Optimierer
[2011.02.11 21:24:17 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Skype
[2011.02.10 22:30:19 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Diagnostics
[2011.02.10 19:09:03 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Google
[2011.02.10 11:01:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.02.10 11:01:29 | 001,502,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.02.10 11:01:29 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.02.10 11:01:29 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.02.09 18:43:02 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.09 18:43:02 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.09 18:43:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.09 18:42:59 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.09 18:42:59 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.09 18:42:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.09 18:42:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.09 18:42:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.09 18:42:29 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.09 18:42:03 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.09 18:42:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.09 18:41:38 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.09 18:41:38 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.09 18:41:37 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.09 18:41:37 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.09 18:41:31 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.09 18:41:31 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.09 18:41:31 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.09 18:41:31 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.02.09 02:09:59 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\TOSHIBA_Corporation
[2011.02.07 17:16:38 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Mozilla
[2011.02.07 17:12:44 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Apple
[2011.02.07 17:10:37 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Adobe
[2011.02.07 17:08:39 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Adobe
[2011.02.07 17:08:17 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Toshiba
[2011.02.07 17:07:20 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Toshiba
[2011.02.07 17:07:07 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Apple Computer
[2011.02.07 17:07:05 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\ATI
[2011.02.07 17:07:05 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\ATI
[2011.02.07 17:07:03 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Nero
[2011.02.07 17:06:51 | 000,000,000 | R--D | C] -- C:\Users\selo2\Searches
[2011.02.07 17:06:51 | 000,000,000 | R--D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.02.07 17:06:48 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Identities
[2011.02.07 17:06:46 | 000,000,000 | R--D | C] -- C:\Users\selo2\Contacts
[2011.02.07 17:06:45 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\VirtualStore
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Vorlagen
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\AppData\Local\Verlauf
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\AppData\Local\Temporary Internet Files
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Startmenü
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\SendTo
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Recent
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Netzwerkumgebung
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Lokale Einstellungen
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Documents\Eigene Videos
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Documents\Eigene Musik
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Eigene Dateien
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Documents\Eigene Bilder
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Druckumgebung
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Cookies
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\AppData\Local\Anwendungsdaten
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Anwendungsdaten
[2011.02.07 17:06:42 | 000,000,000 | --SD | C] -- C:\Users\selo2\AppData\Roaming\Microsoft
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Videos
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Saved Games
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Pictures
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Music
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Links
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Favorites
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Downloads
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Documents
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Desktop
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.02.07 17:06:42 | 000,000,000 | -H-D | C] -- C:\Users\selo2\AppData
[2011.02.07 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Temp
[2011.02.07 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Microsoft
[2011.02.07 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Media Center Programs
[2011.02.07 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Macromedia
[2011.02.06 13:27:26 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.02.06 13:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectX Buster
[2011.02.06 13:04:36 | 000,000,000 | ---D | C] -- C:\Windows\uninstall
[2011.01.26 00:36:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2011.01.26 00:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011.01.26 00:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.01.15 18:02:43 | 001,633,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.01.15 18:02:43 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2011.01.15 18:02:43 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011.01.15 18:02:43 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011.01.15 18:02:42 | 000,819,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.01.15 18:02:42 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.01.15 18:02:42 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011.01.15 18:02:42 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011.01.15 18:02:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011.01.15 18:02:42 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011.01.15 18:02:42 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011.01.15 18:02:41 | 000,690,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.01.15 18:02:41 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.01.15 18:02:41 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011.01.15 18:02:41 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011.01.15 18:02:41 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll
[2011.01.15 18:02:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011.01.15 18:02:40 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011.01.15 18:02:40 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011.01.15 18:02:40 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011.01.15 18:02:39 | 000,532,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011.01.15 18:02:39 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011.01.15 18:02:39 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011.01.15 18:02:39 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll
[2011.01.15 18:02:39 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011.01.15 18:02:39 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011.01.15 18:02:39 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011.01.15 18:02:39 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll
[2011.01.15 18:02:39 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011.01.15 18:02:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011.01.15 18:02:39 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011.01.15 18:02:39 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011.01.15 18:02:39 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011.01.15 18:02:39 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011.01.15 18:02:39 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011.01.15 18:02:39 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011.01.15 18:02:39 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011.01.15 18:02:39 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011.01.15 18:02:39 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011.01.15 18:02:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011.01.15 18:02:39 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011.01.15 18:02:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011.01.15 18:02:39 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011.01.15 18:02:38 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011.01.15 18:02:38 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011.01.15 18:02:38 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011.01.15 18:02:38 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011.01.15 18:02:37 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011.01.15 18:02:37 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011.01.15 18:02:37 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011.01.15 18:02:35 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011.01.15 18:02:34 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.01.15 18:02:34 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011.01.15 18:02:34 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011.01.15 18:02:34 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll
[2011.01.15 18:02:34 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011.01.15 18:02:34 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011.01.15 18:02:34 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.01.15 18:02:34 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.01.15 18:02:34 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011.01.15 18:02:34 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011.01.15 18:02:34 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011.01.15 18:02:34 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011.01.15 18:02:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011.01.15 18:02:34 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011.01.15 18:02:33 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011.01.15 18:02:33 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011.01.15 18:02:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011.01.15 18:02:33 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.01.15 18:02:33 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.01.15 18:02:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2011.01.15 18:02:33 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011.01.15 18:02:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011.01.15 18:02:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011.01.15 16:37:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.14 15:46:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\selo2\Desktop\OTL.exe
[2011.02.14 15:43:25 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.14 15:43:25 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.14 15:39:05 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.02.14 15:39:05 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.02.14 15:39:05 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.02.14 15:39:05 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.02.14 15:39:05 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.02.14 15:38:48 | 000,000,891 | ---- | M] () -- C:\Users\selo2\Desktop\NTREGOPT.lnk
[2011.02.14 15:38:48 | 000,000,872 | ---- | M] () -- C:\Users\selo2\Desktop\ERUNT.lnk
[2011.02.14 15:34:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.14 15:34:14 | 2211,209,216 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.14 15:32:10 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.14 15:27:52 | 000,472,080 | ---- | M] () -- C:\Users\selo2\Desktop\Load.exe
[2011.02.14 03:00:42 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.13 23:37:24 | 000,000,498 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for selo2.job
[2011.02.13 22:57:51 | 000,020,598 | ---- | M] () -- C:\Users\selo2\Documents\crosstraining.docx
[2011.02.13 22:50:22 | 000,000,500 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Necati.job
[2011.02.12 17:18:50 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.02.12 01:05:08 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.02.12 01:05:08 | 000,189,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011.02.12 01:05:08 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011.02.12 01:05:08 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011.02.11 22:31:33 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Users\selo2\Desktop\Norton_Removal_Tool_2011.exe
[2011.02.10 11:15:37 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.07 17:06:44 | 000,000,680 | RHS- | M] () -- C:\Users\selo2\ntuser.pol
[2011.02.06 13:32:28 | 000,009,128 | ---- | M] () -- C:\Windows\WININIT.INI
[2011.01.26 07:52:25 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.01.26 07:28:16 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
 
========== Files Created - No Company Name ==========
 
[2011.02.14 15:38:48 | 000,000,891 | ---- | C] () -- C:\Users\selo2\Desktop\NTREGOPT.lnk
[2011.02.14 15:38:48 | 000,000,872 | ---- | C] () -- C:\Users\selo2\Desktop\ERUNT.lnk
[2011.02.14 15:30:12 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.14 15:27:50 | 000,472,080 | ---- | C] () -- C:\Users\selo2\Desktop\Load.exe
[2011.02.13 22:57:50 | 000,020,598 | ---- | C] () -- C:\Users\selo2\Documents\crosstraining.docx
[2011.02.13 22:38:32 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.12 17:18:50 | 000,001,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.02.12 17:18:50 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.02.11 22:27:45 | 000,000,498 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for selo2.job
[2011.02.07 17:06:58 | 000,001,412 | ---- | C] () -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.02.07 17:06:52 | 000,001,406 | ---- | C] () -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.02.07 17:06:44 | 000,000,680 | RHS- | C] () -- C:\Users\selo2\ntuser.pol
[2011.02.06 13:05:03 | 000,009,128 | ---- | C] () -- C:\Windows\WININIT.INI
[2011.01.15 18:02:42 | 000,072,533 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.01.15 18:02:42 | 000,072,533 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.01.03 22:36:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.24 08:12:13 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010.01.27 03:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.28 03:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
 
========== LOP Check ==========
 
[2011.02.11 21:29:58 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\COMPUTERBILD Browser-Optimierer
[2011.02.14 11:37:47 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\SoftGrid Client
[2011.02.11 23:17:17 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\Toshiba
[2011.02.13 22:39:40 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\TP
[2011.02.12 00:05:30 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\WinBatch
[2009.07.14 06:08:49 | 000,014,490 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Extras.Txt

Code:

ATTFilter

OTL Extras logfile created on: 14.02.2011 15:48:08 - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\selo2\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 89,38 Gb Free Space | 76,76% Space Free | Partition Type: NTFS
Drive D: | 116,05 Gb Total Space | 108,66 Gb Free Space | 93,63% Space Free | Partition Type: NTFS
 
Computer Name: NECATI-TOSH | User Name: selo2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6DB58D2-E7E8-5B0F-65F8-B76713C0AF75}" = ATI Catalyst Install Manager
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{CC3F8680-2A8A-95B1-584E-EA4BDE0DF783}" = ccc-utility64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0CB6FBBE-71FC-7AE1-0506-AF2DFAAB5F99}" = CCC Help Finnish
"{0DCDE91E-ACD7-A105-A713-CF3C22BC1EF7}" = CCC Help Portuguese
"{0E4D665E-0441-D356-1B61-4FDCE2122F54}" = CCC Help Danish
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3AB215C2-0BE4-EC89-A90A-FA54B7C03E0A}" = CCC Help Chinese Traditional
"{3B2AFF45-1C2E-E544-A480-A9CA43FC8977}" = Catalyst Control Center Localization All
"{3E70F662-B29D-FE4E-D31D-0D088AB3C42E}" = CCC Help German
"{40C17193-BC19-CB9F-35DA-A44F9B6A520F}" = Catalyst Control Center Graphics Previews Common
"{418E42D7-E8D0-1953-B7ED-9D75149D64D5}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F8EBB31-EB6A-7C7A-40ED-57F2841998EB}" = CCC Help Czech
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{64E65803-D18A-D799-01A9-69ACB8B49B5E}" = CCC Help Italian
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85A87BCB-C8A1-179D-231D-D77C2462394F}" = CCC Help Norwegian
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95CFDCE3-0AE1-01F5-D9C8-D5016C49D2D9}" = CCC Help Hungarian
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9CC701E9-79FB-19EB-907C-33730D6D9450}" = Catalyst Control Center Graphics Previews Vista
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A920CC75-A1F8-4275-6CBF-0B7817AF364E}" = CCC Help Dutch
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{B10364A6-B6BD-9F06-BF50-A779FBE803F4}" = CCC Help Polish
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D136FCBA-7D93-DA4E-ED4D-024ACA891E70}" = CCC Help Japanese
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D5F7D473-4819-D77B-E5A8-4B1569C47A2D}" = CCC Help Korean
"{D7397487-E01A-6ACE-C24E-BB19469B9FDE}" = CCC Help Swedish
"{DB928E9C-4C6B-DDF4-0748-C4D542A75E95}" = CCC Help Chinese Standard
"{DBB7021A-3437-446F-ACE5-7261644A972C}" = Toshiba TEMPRO
"{DDC8362F-D041-6C5E-0221-E23CF71C73AE}" = CCC Help Spanish
"{DDDD6410-C2B9-7BC7-3A93-0D155AE07E25}" = Catalyst Control Center InstallProxy
"{DEC74752-09D3-309D-72B6-40114F57B223}" = CCC Help Russian
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E0FAA369-B0E3-48B8-9447-4873103B0012}" = TOSHIBA ConfigFree
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{e89ab375-a0c5-4612-916e-9fe373084212}" = Nero 9 Essentials
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EC8D0634-4567-DBD4-97B2-F8C879F7DBF8}" = CCC Help English
"{F0483BEB-E626-E306-DFBD-D3A1E582BF43}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2431B40-5D69-BBB8-F20B-4F28D8ED563E}" = CCC Help Thai
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F4AECBDF-6985-E352-7392-152A0570573E}" = CCC Help Greek
"{F5A6CC63-2BED-914D-04E5-1702471E675D}" = ccc-core-static
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ERUNT_is1" = ERUNT 1.1j
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NSS" = Norton Security Scan
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"TeamViewer 6" = TeamViewer 6
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinPcapInst" = WinPcap 4.1.1
"WT083877" = Chuzzle Deluxe
"WT083890" = Zuma Deluxe
"WT083910" = Jewel Quest II
"WT083916" = Diner Dash 2 Restaurant Rescue
"WT083925" = Plants vs. Zombies
"WT083929" = Bejeweled 2 Deluxe
"WT083945" = FATE
"WT083958" = Penguins!
"WT083959" = Polar Bowler
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 07.02.2011 06:06:42 | Computer Name = Necati-TOSH | Source = Bonjour Service | ID = 100
Description = 
 
Error - 07.02.2011 06:06:42 | Computer Name = Necati-TOSH | Source = Bonjour Service | ID = 100
Description = 
 
Error - 07.02.2011 06:06:43 | Computer Name = Necati-TOSH | Source = Bonjour Service | ID = 100
Description = 
 
Error - 07.02.2011 06:06:43 | Computer Name = Necati-TOSH | Source = Bonjour Service | ID = 100
Description = 
 
Error - 07.02.2011 06:06:43 | Computer Name = Necati-TOSH | Source = Bonjour Service | ID = 100
Description = 
 
Error - 07.02.2011 11:25:42 | Computer Name = Necati-TOSH | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_TapiSrv, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000002628612
ID
 des fehlerhaften Prozesses: 0x4a0  Startzeit der fehlerhaften Anwendung: 0x01cbc5fcf6b5e1c4
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: 86546422-32ce-11e0-9852-88ae1deac095
 
Error - 07.02.2011 12:06:48 | Computer Name = Necati-TOSH | Source = ESENT | ID = 215
Description = WinMail (4948) WindowsMail0: Die Sicherung wurde abgebrochen, weil
 sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
 wurde.
 
Error - 07.02.2011 12:08:00 | Computer Name = Necati-TOSH | Source = Microsoft-Windows-User Profiles Service | ID = 1533
Description = Das Profilverzeichnis kann nicht gelöscht werden C:\Users\Necati. 
Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm
 verwendet werden.      DETAIL - Das Verzeichnis ist nicht leer.  
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Die Anwendung oder der Dienst "Apple Mobile Device" konnte nicht neu
 gestartet werden.
 
Error - 08.02.2011 11:31:44 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ System Events ]
Error - 06.02.2011 18:09:24 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7006
Description = Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers
 fehlgeschlagen:   %%5
 
Error - 07.02.2011 11:25:43 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 07.02.2011 11:25:43 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 07.02.2011 11:25:43 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies 
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 07.02.2011 11:25:44 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 07.02.2011 11:25:44 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits 
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 07.02.2011 11:27:43 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
Error - 07.02.2011 12:00:29 | Computer Name = Necati-TOSH | Source = DCOM | ID = 10016
Description = 
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Apple Mobile Device erreicht.
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
 
< End of report >

cosinus · 14.02.2011, 19:14

Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle davon posten. Du findest diese im Reiter Logdateien in Malwarebytes.

aspirin · 14.02.2011, 19:35

ich habe alles durchgeklickt im programm malwarebytes, es gibt keinen anderen logdateien ausser den ich gepostet habe.

edit: ps: ich weis nicht ob es eine wichtige info ist, aber denke dass es vielleicht weiterhilft. ich kann zum beispiel livestreams in topquali angucken ohne unterbruch ohne laggs. nur beim surfen ist es richtig lahm.

cosinus · 14.02.2011, 20:04

Zitat:

Art des Suchlaufs: Quick-Scan

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

aspirin · 14.02.2011, 20:47

erledigt, ich hoffe es bringt uns näher ans ziel.

Vollscan MBAM

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5763

Windows 6.1.7600
Internet Explorer 9.0.7930.16406

14.02.2011 20:43:06
mbam-log-2011-02-14 (20-43-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Durchsuchte Objekte: 267639
Laufzeit: 21 Minute(n), 59 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

aspirin · 02.03.2011, 17:43

hallo,
ist jetzt ne weilchen her seit meiner letzten posting und immer noch keine antwort erhalten.
bin mir nicht sicher, ob sie bei meinem problem keinen bock haben zu helfen, oder mein lappi einfach ein unlösbaren problem hat?
wie auch immer ich wäre froh über eine antwort, ob man da noch was machen kann oder ich den lappi einfach aufgeben soll?

mfg
aspirin

cosinus · 02.03.2011, 18:58

Es kann auch einfach mal vorkommen, dass man hier bei der Vielzahl der Fälle einen Strang übersieht, da muss man nicht gleich sowas wie Null-Bock-Phase oder "unlösbares Problem" herbeireden

Mach bitte ein neues OTL-Log, das letzte ist schon zu alt und stellt nicht mehr den Ist-Zustand deines System dar.

aspirin · 02.03.2011, 19:17

bin gleich erleichtert

das da noch was geht

ich hab heute mal den avira antivir durchlaufen lassen

ich glaube 3viren wurden entlarft und in quaräntene verschoben

Zitat:

Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Mittwoch, 2. März 2011 17:53

Es wird nach 2451843 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - FREE Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 x64
Windowsversion : (plain) [6.1.7600]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : NECATI-TOSH

Versionsinformationen:
BUILD.DAT : 10.0.0.611 31824 Bytes 14.01.2011 13:28:00
AVSCAN.EXE : 10.0.3.5 435368 Bytes 10.01.2011 13:22:56
AVSCAN.DLL : 10.0.3.0 56168 Bytes 10.01.2011 13:23:14
LUKE.DLL : 10.0.3.2 104296 Bytes 10.01.2011 13:23:03
LUKERES.DLL : 10.0.0.0 13672 Bytes 14.01.2010 10:59:47
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 08:05:36
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 13:23:11
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09.02.2011 16:50:29
VBASE003.VDF : 7.11.3.1 2048 Bytes 09.02.2011 16:50:29
VBASE004.VDF : 7.11.3.2 2048 Bytes 09.02.2011 16:50:29
VBASE005.VDF : 7.11.3.3 2048 Bytes 09.02.2011 16:50:29
VBASE006.VDF : 7.11.3.4 2048 Bytes 09.02.2011 16:50:29
VBASE007.VDF : 7.11.3.5 2048 Bytes 09.02.2011 16:50:29
VBASE008.VDF : 7.11.3.6 2048 Bytes 09.02.2011 16:50:29
VBASE009.VDF : 7.11.3.7 2048 Bytes 09.02.2011 16:50:29
VBASE010.VDF : 7.11.3.8 2048 Bytes 09.02.2011 16:50:29
VBASE011.VDF : 7.11.3.9 2048 Bytes 09.02.2011 16:50:29
VBASE012.VDF : 7.11.3.10 2048 Bytes 09.02.2011 16:50:29
VBASE013.VDF : 7.11.3.59 157184 Bytes 14.02.2011 16:50:29
VBASE014.VDF : 7.11.3.97 120320 Bytes 16.02.2011 16:50:30
VBASE015.VDF : 7.11.3.148 128000 Bytes 19.02.2011 16:50:30
VBASE016.VDF : 7.11.3.183 140288 Bytes 22.02.2011 16:50:30
VBASE017.VDF : 7.11.3.216 124416 Bytes 24.02.2011 16:50:30
VBASE018.VDF : 7.11.3.251 159232 Bytes 28.02.2011 16:50:30
VBASE019.VDF : 7.11.3.252 2048 Bytes 28.02.2011 16:50:31
VBASE020.VDF : 7.11.3.253 2048 Bytes 28.02.2011 16:50:31
VBASE021.VDF : 7.11.3.254 2048 Bytes 28.02.2011 16:50:31
VBASE022.VDF : 7.11.3.255 2048 Bytes 28.02.2011 16:50:31
VBASE023.VDF : 7.11.4.0 2048 Bytes 28.02.2011 16:50:31
VBASE024.VDF : 7.11.4.1 2048 Bytes 28.02.2011 16:50:31
VBASE025.VDF : 7.11.4.2 2048 Bytes 28.02.2011 16:50:31
VBASE026.VDF : 7.11.4.3 2048 Bytes 28.02.2011 16:50:31
VBASE027.VDF : 7.11.4.4 2048 Bytes 28.02.2011 16:50:31
VBASE028.VDF : 7.11.4.5 2048 Bytes 28.02.2011 16:50:31
VBASE029.VDF : 7.11.4.6 2048 Bytes 28.02.2011 16:50:31
VBASE030.VDF : 7.11.4.7 2048 Bytes 28.02.2011 16:50:31
VBASE031.VDF : 7.11.4.30 123392 Bytes 02.03.2011 16:50:31
Engineversion : 8.2.4.176
AEVDF.DLL : 8.1.2.1 106868 Bytes 10.01.2011 13:22:51
AESCRIPT.DLL : 8.1.3.55 1282426 Bytes 02.03.2011 16:50:35
AESCN.DLL : 8.1.7.2 127349 Bytes 10.01.2011 13:22:49
AESBX.DLL : 8.1.3.2 254324 Bytes 10.01.2011 13:22:49
AERDL.DLL : 8.1.9.2 635252 Bytes 10.01.2011 13:22:49
AEPACK.DLL : 8.2.4.10 520567 Bytes 02.03.2011 16:50:35
AEOFFICE.DLL : 8.1.1.16 205179 Bytes 02.03.2011 16:50:34
AEHEUR.DLL : 8.1.2.81 3314038 Bytes 02.03.2011 16:50:34
AEHELP.DLL : 8.1.16.1 246134 Bytes 02.03.2011 16:50:32
AEGEN.DLL : 8.1.5.2 397683 Bytes 02.03.2011 16:50:32
AEEMU.DLL : 8.1.3.0 393589 Bytes 10.01.2011 13:22:42
AECORE.DLL : 8.1.19.2 196983 Bytes 02.03.2011 16:50:32
AEBB.DLL : 8.1.1.0 53618 Bytes 10.01.2011 13:22:41
AVWINLL.DLL : 10.0.0.0 19304 Bytes 10.01.2011 13:22:56
AVPREF.DLL : 10.0.0.0 44904 Bytes 10.01.2011 13:22:55
AVREP.DLL : 10.0.0.8 62209 Bytes 17.06.2010 13:26:53
AVREG.DLL : 10.0.3.2 53096 Bytes 10.01.2011 13:22:55
AVSCPLR.DLL : 10.0.3.2 84328 Bytes 10.01.2011 13:22:56
AVARKT.DLL : 10.0.22.6 231784 Bytes 10.01.2011 13:22:51
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 10.01.2011 13:22:54
SQLITE3.DLL : 3.6.19.0 355688 Bytes 17.06.2010 13:27:02
AVSMTP.DLL : 10.0.0.17 63848 Bytes 10.01.2011 13:22:56
NETNT.DLL : 10.0.0.0 11624 Bytes 17.06.2010 13:27:01
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 12:10:08
RCTEXT.DLL : 10.0.58.0 98152 Bytes 10.01.2011 13:23:15

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, Q:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: mittel
Abweichende Gefahrenkategorien........: +PCK,+PFS,

Beginn des Suchlaufs: Mittwoch, 2. März 2011 17:53

Der Suchlauf nach versteckten Objekten wird begonnen.
HKEY_LOCAL_MACHINE\Software\McAfee\symboliclinkvalue
[HINWEIS] Der Registrierungseintrag ist nicht sichtbar.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\381b4222-f694-41f0-9685-ff5bb260df2e
[HINWEIS] Der Registrierungseintrag ist nicht sichtbar.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'Safari.exe' - '148' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '132' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'DDMService.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'CFSvcs.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'CFSwMgr.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'NDSTray.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'DivXUpdate.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'TWebCamera.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'KeNotify.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'NBAgent.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'TOPI.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'NBService.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'RIconMan.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '41' Modul(e) wurden durchsucht

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'Q:\'
[INFO] Es wurde kein Virus gefunden!
[INFO] Bitte starten Sie den Suchlauf erneut mit Administratorrechten

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '729' Dateien ).

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <WINDOWS>
C:\Users\selo2\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d5
[FUND] Ist das Trojanische Pferd TR/Dropper.Gen
C:\Users\selo2\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\7fcb7137-522af725
[0] Archivtyp: ZIP
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Agent.JH
--> plugin/adobe.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Agent.JH
--> plugin/sportGame.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Agent.JG
C:\Users\selo2\Downloads\video_components_update.exe
[FUND] Ist das Trojanische Pferd TR/Shakat.o.375
Beginne mit der Suche in 'D:\' <Data>
Beginne mit der Suche in 'Q:\'
Der zu durchsuchende Pfad Q:\ konnte nicht geöffnet werden!
Systemfehler [5]: Zugriff verweigert

Beginne mit der Desinfektion:
C:\Users\selo2\Downloads\video_components_update.exe
[FUND] Ist das Trojanische Pferd TR/Shakat.o.375
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '49132c15.qua' verschoben!
C:\Users\selo2\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\7fcb7137-522af725
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Agent.JG
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '518703b7.qua' verschoben!
C:\Users\selo2\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0000d5
[FUND] Ist das Trojanische Pferd TR/Dropper.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '03975951.qua' verschoben!

Ende des Suchlaufs: Mittwoch, 2. März 2011 19:11
Benötigte Zeit: 1:06:10 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

21349 Verzeichnisse wurden überprüft
277447 Dateien wurden geprüft
4 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
3 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
277443 Dateien ohne Befall
1225 Archive wurden durchsucht
0 Warnungen
3 Hinweise
375691 Objekte wurden beim Rootkitscan durchsucht
2 Versteckte Objekte wurden gefunden

cosinus · 02.03.2011, 19:42

Zitat:

C:\Users\selo2\Downloads\video_components_update.exe

Kannst du das noch zuordnen?
Was ist mit den Logs die ich nochmal frisch wollte?

aspirin · 02.03.2011, 20:05

keine ahnung, kann des gerade nicht einfach so zuordnen.
aber denke schon das ich des brauche gucke sehr oft sport filme und diverse livestreams online.

otl und mbam hab ich gleich durch und wird gleich gepostet.

noch was ich habe aktuell 4 verschiedene browser die ich benutze aktuell "google chrome, safari, IE und FF" das bisherige problem war dass ich immer ca bis zu einer minute gebraucht habe bis sich seiten geöffnet haben, dieses problem ist nicht mehr so schlimm geht wieder einiges schneller, aber was mich jetzt ärgert das zB: facebook auf ff und google chrome keine rückmeldungen erhalten und auf ie komm ich rein aber sehe nix keine inhalte ausser den obersten balken, nur auf safari funktioniert es einwandfrei. zum beispiel youtube dass selbe da bekomm ich bei ie und ff keine rückmeldung und bei dem rest einwandfrei. es vaariert sich immer je nach dem

situation wird immer schlimmer

hier die neusten daten

Code:

ATTFilter

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5935

Windows 6.1.7600
Internet Explorer 9.0.7930.16406

02.03.2011 20:13:40
mbam-log-2011-03-02 (20-13-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Durchsuchte Objekte: 284446
Laufzeit: 38 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Code:

ATTFilter

OTL logfile created on: 02.03.2011 19:24:29 - Run 3
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\selo2\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 86,05 Gb Free Space | 73,90% Space Free | Partition Type: NTFS
Drive D: | 116,05 Gb Total Space | 108,66 Gb Free Space | 93,63% Space Free | Partition Type: NTFS
 
Computer Name: NECATI-TOSH | User Name: selo2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.02.18 09:22:03 | 000,995,896 | ---- | M] (Google Inc.) -- C:\Users\selo2\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2011.02.14 15:46:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\selo2\Desktop\OTL.exe
PRC - [2011.02.08 01:17:54 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2011.01.27 16:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.01.11 00:25:06 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 14:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.12.03 20:43:34 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.08.27 16:20:14 | 001,811,456 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
PRC - [2010.08.15 18:54:50 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2010.06.03 15:09:00 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2010.05.01 15:55:36 | 002,454,840 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2010.04.24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.04.24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.03.09 01:23:22 | 001,086,760 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
PRC - [2010.03.03 11:47:38 | 004,581,280 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
PRC - [2010.01.15 13:08:38 | 000,935,208 | ---- | M] (Nero AG) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009.07.28 19:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.02.14 15:46:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\selo2\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.07.27 20:53:28 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.05.25 19:08:30 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2010.02.05 16:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.07.28 13:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2011.01.27 16:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.08.27 16:20:14 | 001,811,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.07.01 10:59:02 | 000,051,576 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010.05.11 08:40:52 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010.04.24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.04.24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.28 15:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2010.01.15 13:08:38 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.10 17:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.01.10 14:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.01.10 14:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.11.02 16:48:38 | 001,103,464 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2010.09.28 15:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.09.24 07:55:21 | 000,020,592 | ---- | M] (Compal Electronics, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CeKbFilter.sys -- (CeKbFilter)
DRV:64bit: - [2010.07.27 21:22:14 | 007,450,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.07.27 20:16:52 | 000,268,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.06.23 16:10:56 | 000,344,680 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.04.24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.04.24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.04.24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.04.24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.03.22 09:55:20 | 000,046,192 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2010.03.10 17:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.01.27 03:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2010.01.07 08:05:46 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.10.07 17:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.10.07 17:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.30 18:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.14 14:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.22 16:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 09:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.02.21 20:49:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.02.21 20:49:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.12 00:35:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.24 16:55:12 | 000,000,000 | ---D | M]
 
[2011.02.12 00:36:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\selo2\AppData\Roaming\mozilla\Extensions
[2011.02.22 17:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\selo2\AppData\Roaming\mozilla\Firefox\Profiles\zm2z58cy.default\extensions
[2011.02.19 14:14:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.01.15 00:19:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.21 20:49:36 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.02.21 20:49:36 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Programme\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NBAgent] c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.03.02 17:53:06 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Avira
[2011.03.02 17:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.03.02 17:49:22 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.03.02 17:49:22 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.03.02 17:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.03.02 17:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.02.27 14:17:56 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.02.26 15:15:06 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
[2011.02.26 15:15:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2011.02.24 16:55:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.02.21 20:51:21 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\DDMSettings
[2011.02.21 20:49:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.02.21 20:49:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011.02.19 14:34:08 | 000,000,000 | ---D | C] -- C:\Users\selo2\Documents\MAGIX Downloads
[2011.02.19 14:34:06 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\MAGIX
[2011.02.19 14:33:07 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2011.02.19 14:33:03 | 000,430,080 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\MXRestore.exe
[2011.02.19 14:33:03 | 000,188,416 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRES32.dll
[2011.02.19 14:33:03 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPTL32.dll
[2011.02.19 14:33:03 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLTPO32.dll
[2011.02.19 14:33:03 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRJ32.dll
[2011.02.19 14:33:03 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRF32.dll
[2011.02.19 14:33:03 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRD32.dll
[2011.02.19 14:33:03 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPNT32.dll
[2011.02.19 14:33:03 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\STRING32.dll
[2011.02.19 14:33:03 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLMSC32.dll
[2011.02.19 14:33:03 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTIC32.dll
[2011.02.19 14:33:03 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTI32.dll
[2011.02.19 14:33:03 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIX.dll
[2011.02.19 14:33:02 | 000,487,424 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLAV32.dll
[2011.02.19 14:33:02 | 000,163,840 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDEV32.dll
[2011.02.19 14:33:02 | 000,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDRV32.dll
[2011.02.19 14:33:02 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDA32.dll
[2011.02.19 14:33:02 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCPY32.dll
[2011.02.19 14:33:02 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDF32.dll
[2011.02.19 14:33:02 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIO32.dll
[2011.02.19 14:33:02 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIMG32.dll
[2011.02.19 14:33:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLISO32.dll
[2011.02.19 14:33:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDIR32.dll
[2011.02.19 14:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011.02.19 14:32:45 | 000,000,000 | ---D | C] -- C:\Users\selo2\Documents\MAGIX_MusicMaker15_for_MySpace
[2011.02.19 14:32:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011.02.19 14:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2011.02.19 14:31:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MAGIX
[2011.02.19 14:31:25 | 000,700,416 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll
[2011.02.19 13:58:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPXMedia
[2011.02.19 13:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macaw
[2011.02.15 01:15:47 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Apple Computer
[2011.02.15 01:15:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safari
[2011.02.15 01:15:15 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.02.15 01:15:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.02.15 01:13:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.02.14 15:46:25 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\selo2\Desktop\OTL.exe
[2011.02.14 15:40:21 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.02.14 15:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.02.14 15:38:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2011.02.14 15:30:56 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Malwarebytes
[2011.02.14 15:30:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.02.14 15:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.14 15:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.14 15:30:08 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.02.14 15:30:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.02.14 15:29:00 | 000,000,000 | ---D | C] -- C:\Users\selo2\Desktop\MFTools
[2011.02.14 11:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
[2011.02.14 00:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2011.02.13 22:39:29 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\SoftGrid Client
[2011.02.13 22:39:28 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\SoftGrid Client
[2011.02.13 22:37:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.02.13 22:37:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.02.13 22:37:28 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.02.13 22:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011.02.13 22:37:04 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\TP
[2011.02.13 04:06:02 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\ElevatedDiagnostics
[2011.02.12 17:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2011.02.12 01:05:19 | 000,521,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.02.12 01:05:19 | 000,189,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011.02.12 01:05:19 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011.02.12 01:05:18 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011.02.12 01:05:07 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2011.02.12 00:36:00 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Mozilla
[2011.02.12 00:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.02.12 00:30:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.02.12 00:05:35 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\InstallShield
[2011.02.12 00:05:30 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\WinBatch
[2011.02.11 23:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2011.02.11 22:31:33 | 000,921,512 | ---- | C] (Symantec Corporation) -- C:\Users\selo2\Desktop\Norton_Removal_Tool_2011.exe
[2011.02.11 21:29:29 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\COMPUTERBILD Browser-Optimierer
[2011.02.11 21:24:17 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Skype
[2011.02.10 22:30:19 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Diagnostics
[2011.02.10 19:09:03 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Google
[2011.02.10 11:01:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.02.10 11:01:29 | 001,502,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.02.10 11:01:29 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.02.10 11:01:29 | 000,242,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.02.09 18:43:02 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011.02.09 18:43:02 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011.02.09 18:43:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011.02.09 18:42:59 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011.02.09 18:42:59 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011.02.09 18:42:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011.02.09 18:42:59 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.02.09 18:42:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.02.09 18:42:29 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.02.09 18:42:03 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.02.09 18:42:03 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.02.09 18:41:38 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.02.09 18:41:38 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011.02.09 18:41:37 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.02.09 18:41:37 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.02.09 18:41:31 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.02.09 18:41:31 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.02.09 18:41:31 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.02.09 18:41:31 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.02.09 02:09:59 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\TOSHIBA_Corporation
[2011.02.07 17:16:38 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Mozilla
[2011.02.07 17:12:44 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Apple
[2011.02.07 17:10:37 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Adobe
[2011.02.07 17:08:39 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Adobe
[2011.02.07 17:08:17 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Toshiba
[2011.02.07 17:07:20 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Toshiba
[2011.02.07 17:07:07 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Apple Computer
[2011.02.07 17:07:05 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\ATI
[2011.02.07 17:07:05 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\ATI
[2011.02.07 17:07:03 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Nero
[2011.02.07 17:06:51 | 000,000,000 | R--D | C] -- C:\Users\selo2\Searches
[2011.02.07 17:06:51 | 000,000,000 | R--D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.02.07 17:06:48 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Identities
[2011.02.07 17:06:46 | 000,000,000 | R--D | C] -- C:\Users\selo2\Contacts
[2011.02.07 17:06:45 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\VirtualStore
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Vorlagen
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\AppData\Local\Verlauf
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\AppData\Local\Temporary Internet Files
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Startmenü
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\SendTo
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Recent
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Netzwerkumgebung
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Lokale Einstellungen
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Eigene Dateien
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Druckumgebung
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Cookies
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\AppData\Local\Anwendungsdaten
[2011.02.07 17:06:43 | 000,000,000 | -HSD | C] -- C:\Users\selo2\Anwendungsdaten
[2011.02.07 17:06:42 | 000,000,000 | --SD | C] -- C:\Users\selo2\AppData\Roaming\Microsoft
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Videos
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Saved Games
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Pictures
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Music
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Links
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Favorites
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Downloads
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Documents
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\Desktop
[2011.02.07 17:06:42 | 000,000,000 | R--D | C] -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.02.07 17:06:42 | 000,000,000 | -H-D | C] -- C:\Users\selo2\AppData
[2011.02.07 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Temp
[2011.02.07 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Local\Microsoft
[2011.02.07 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Media Center Programs
[2011.02.07 17:06:42 | 000,000,000 | ---D | C] -- C:\Users\selo2\AppData\Roaming\Macromedia
[2011.02.06 13:27:26 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.02.06 13:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectX Buster
[2011.02.06 13:04:36 | 000,000,000 | ---D | C] -- C:\Windows\uninstall
 
========== Files - Modified Within 30 Days ==========
 
[2011.03.02 19:21:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-416687532-3754515874-3380062714-1004UA.job
[2011.03.02 17:49:41 | 000,002,033 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.03.02 17:24:13 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.02 17:24:13 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.02 15:16:47 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.02 15:16:47 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.02 15:16:47 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.02 15:16:47 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.02 15:16:47 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.02 15:15:41 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-416687532-3754515874-3380062714-1004Core.job
[2011.03.02 15:15:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.01 22:52:48 | 000,000,500 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Necati.job
[2011.03.01 22:52:48 | 000,000,498 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for selo2.job
[2011.03.01 19:53:36 | 000,002,408 | ---- | M] () -- C:\Users\selo2\Desktop\Google Chrome.lnk
[2011.03.01 10:50:41 | 2211,209,216 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.28 01:22:26 | 000,495,350 | ---- | M] () -- C:\Users\selo2\Desktop\jbhj.png
[2011.02.26 15:15:06 | 000,000,958 | ---- | M] () -- C:\Users\selo2\Desktop\SopCast.lnk
[2011.02.24 13:15:58 | 000,294,192 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.02.22 11:22:00 | 000,021,203 | ---- | M] () -- C:\Users\selo2\Documents\crosstraining.docx
[2011.02.21 20:49:39 | 000,001,620 | ---- | M] () -- C:\Users\selo2\Desktop\DivX Movies.lnk
[2011.02.19 14:33:17 | 000,007,119 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2011.02.19 14:32:54 | 000,001,202 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker for MySpace.lnk
[2011.02.15 01:15:43 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011.02.14 15:46:28 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\selo2\Desktop\OTL.exe
[2011.02.14 15:38:48 | 000,000,891 | ---- | M] () -- C:\Users\selo2\Desktop\NTREGOPT.lnk
[2011.02.14 15:38:48 | 000,000,872 | ---- | M] () -- C:\Users\selo2\Desktop\ERUNT.lnk
[2011.02.14 15:32:10 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.14 15:27:52 | 000,472,080 | ---- | M] () -- C:\Users\selo2\Desktop\Load.exe
[2011.02.14 03:00:42 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.12 17:18:50 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.02.12 01:05:08 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.02.12 01:05:08 | 000,189,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011.02.12 01:05:08 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011.02.12 01:05:08 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011.02.11 22:31:33 | 000,921,512 | ---- | M] (Symantec Corporation) -- C:\Users\selo2\Desktop\Norton_Removal_Tool_2011.exe
[2011.02.07 17:06:44 | 000,000,680 | RHS- | M] () -- C:\Users\selo2\ntuser.pol
[2011.02.06 13:32:28 | 000,009,128 | ---- | M] () -- C:\Windows\WININIT.INI
 
========== Files Created - No Company Name ==========
 
[2011.03.02 17:49:41 | 000,002,033 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.02.28 01:22:25 | 000,495,350 | ---- | C] () -- C:\Users\selo2\Desktop\jbhj.png
[2011.02.27 14:18:07 | 000,002,408 | ---- | C] () -- C:\Users\selo2\Desktop\Google Chrome.lnk
[2011.02.27 14:16:58 | 000,001,118 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-416687532-3754515874-3380062714-1004UA.job
[2011.02.27 14:16:56 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-416687532-3754515874-3380062714-1004Core.job
[2011.02.26 15:15:06 | 000,000,958 | ---- | C] () -- C:\Users\selo2\Desktop\SopCast.lnk
[2011.02.21 20:49:39 | 000,001,620 | ---- | C] () -- C:\Users\selo2\Desktop\DivX Movies.lnk
[2011.02.19 14:33:04 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2011.02.19 14:33:02 | 000,014,182 | ---- | C] () -- C:\Windows\SysWow64\DLLAV32.lib
[2011.02.19 14:32:54 | 000,001,202 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker for MySpace.lnk
[2011.02.19 14:31:53 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.02.19 14:31:26 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.02.19 00:11:13 | 001,356,012 | ---- | C] () -- C:\Users\selo2\Desktop\IMG_0095.JPG
[2011.02.19 00:02:49 | 001,104,887 | ---- | C] () -- C:\Users\selo2\Desktop\IMG_1008.JPG
[2011.02.15 01:15:43 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2011.02.15 01:15:43 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2011.02.15 01:13:26 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.02.14 15:38:48 | 000,000,891 | ---- | C] () -- C:\Users\selo2\Desktop\NTREGOPT.lnk
[2011.02.14 15:38:48 | 000,000,872 | ---- | C] () -- C:\Users\selo2\Desktop\ERUNT.lnk
[2011.02.14 15:30:12 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.14 15:27:50 | 000,472,080 | ---- | C] () -- C:\Users\selo2\Desktop\Load.exe
[2011.02.13 22:57:50 | 000,021,203 | ---- | C] () -- C:\Users\selo2\Documents\crosstraining.docx
[2011.02.13 22:38:32 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.12 17:18:50 | 000,001,141 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.02.12 17:18:50 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 6.lnk
[2011.02.11 22:27:45 | 000,000,498 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for selo2.job
[2011.02.07 17:06:58 | 000,001,412 | ---- | C] () -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.02.07 17:06:52 | 000,001,406 | ---- | C] () -- C:\Users\selo2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.02.07 17:06:44 | 000,000,680 | RHS- | C] () -- C:\Users\selo2\ntuser.pol
[2011.02.06 13:05:03 | 000,009,128 | ---- | C] () -- C:\Windows\WININIT.INI
[2011.01.03 22:36:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.24 08:12:13 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2010.01.27 03:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.28 03:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
 
========== LOP Check ==========
 
[2011.02.11 21:29:58 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\COMPUTERBILD Browser-Optimierer
[2011.02.19 14:34:06 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\MAGIX
[2011.02.24 02:03:46 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\SoftGrid Client
[2011.03.01 23:36:34 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\Toshiba
[2011.02.13 22:39:40 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\TP
[2011.02.12 00:05:30 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\WinBatch
[2009.07.14 06:08:49 | 000,014,994 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
[2011.03.02 15:16:47 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.02 15:16:47 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.02 15:16:47 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.02 15:16:47 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.02 15:16:47 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
 
========== LOP Check ==========
 
[2011.02.11 21:29:58 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\COMPUTERBILD Browser-Optimierer
[2011.02.19 14:34:06 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\MAGIX
[2011.02.24 02:03:46 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\SoftGrid Client
[2011.03.01 23:36:34 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\Toshiba
[2011.02.13 22:39:40 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\TP
[2011.02.12 00:05:30 | 000,000,000 | ---D | M] -- C:\Users\selo2\AppData\Roaming\WinBatch
[2009.07.14 06:08:49 | 000,014,994 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Code:

ATTFilter

OTL Extras logfile created on: 02.03.2011 19:24:29 - Run 3
OTL by OldTimer - Version 3.2.20.6     Folder = C:\Users\selo2\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 69,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 86,05 Gb Free Space | 73,90% Space Free | Partition Type: NTFS
Drive D: | 116,05 Gb Total Space | 108,66 Gb Free Space | 93,63% Space Free | Partition Type: NTFS
 
Computer Name: NECATI-TOSH | User Name: selo2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6DB58D2-E7E8-5B0F-65F8-B76713C0AF75}" = ATI Catalyst Install Manager
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{CC3F8680-2A8A-95B1-584E-EA4BDE0DF783}" = ccc-utility64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0CB6FBBE-71FC-7AE1-0506-AF2DFAAB5F99}" = CCC Help Finnish
"{0DCDE91E-ACD7-A105-A713-CF3C22BC1EF7}" = CCC Help Portuguese
"{0E4D665E-0441-D356-1B61-4FDCE2122F54}" = CCC Help Danish
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3AB215C2-0BE4-EC89-A90A-FA54B7C03E0A}" = CCC Help Chinese Traditional
"{3B2AFF45-1C2E-E544-A480-A9CA43FC8977}" = Catalyst Control Center Localization All
"{3E70F662-B29D-FE4E-D31D-0D088AB3C42E}" = CCC Help German
"{40C17193-BC19-CB9F-35DA-A44F9B6A520F}" = Catalyst Control Center Graphics Previews Common
"{418E42D7-E8D0-1953-B7ED-9D75149D64D5}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F8EBB31-EB6A-7C7A-40ED-57F2841998EB}" = CCC Help Czech
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{64E65803-D18A-D799-01A9-69ACB8B49B5E}" = CCC Help Italian
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85A87BCB-C8A1-179D-231D-D77C2462394F}" = CCC Help Norwegian
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95CFDCE3-0AE1-01F5-D9C8-D5016C49D2D9}" = CCC Help Hungarian
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9CC701E9-79FB-19EB-907C-33730D6D9450}" = Catalyst Control Center Graphics Previews Vista
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A920CC75-A1F8-4275-6CBF-0B7817AF364E}" = CCC Help Dutch
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{B10364A6-B6BD-9F06-BF50-A779FBE803F4}" = CCC Help Polish
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D136FCBA-7D93-DA4E-ED4D-024ACA891E70}" = CCC Help Japanese
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D5F7D473-4819-D77B-E5A8-4B1569C47A2D}" = CCC Help Korean
"{D7397487-E01A-6ACE-C24E-BB19469B9FDE}" = CCC Help Swedish
"{DB928E9C-4C6B-DDF4-0748-C4D542A75E95}" = CCC Help Chinese Standard
"{DBB7021A-3437-446F-ACE5-7261644A972C}" = Toshiba TEMPRO
"{DDC8362F-D041-6C5E-0221-E23CF71C73AE}" = CCC Help Spanish
"{DDDD6410-C2B9-7BC7-3A93-0D155AE07E25}" = Catalyst Control Center InstallProxy
"{DEC74752-09D3-309D-72B6-40114F57B223}" = CCC Help Russian
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E0FAA369-B0E3-48B8-9447-4873103B0012}" = TOSHIBA ConfigFree
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{e89ab375-a0c5-4612-916e-9fe373084212}" = Nero 9 Essentials
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EC8D0634-4567-DBD4-97B2-F8C879F7DBF8}" = CCC Help English
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0483BEB-E626-E306-DFBD-D3A1E582BF43}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2431B40-5D69-BBB8-F20B-4F28D8ED563E}" = CCC Help Thai
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F4AECBDF-6985-E352-7392-152A0570573E}" = CCC Help Greek
"{F5A6CC63-2BED-914D-04E5-1702471E675D}" = ccc-core-static
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"ERUNT_is1" = ERUNT 1.1j
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"MAGIX Music Maker for MySpace D" = MAGIX Music Maker for MySpace 15.0.1.8 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NSS" = Norton Security Scan
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"SopCast" = SopCast 3.3.2
"TeamViewer 6" = TeamViewer 6
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinPcapInst" = WinPcap 4.1.1
"WT083877" = Chuzzle Deluxe
"WT083890" = Zuma Deluxe
"WT083910" = Jewel Quest II
"WT083916" = Diner Dash 2 Restaurant Rescue
"WT083925" = Plants vs. Zombies
"WT083929" = Bejeweled 2 Deluxe
"WT083945" = FATE
"WT083958" = Penguins!
"WT083959" = Polar Bowler
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 07.02.2011 12:08:00 | Computer Name = Necati-TOSH | Source = Microsoft-Windows-User Profiles Service | ID = 1533
Description = Das Profilverzeichnis kann nicht gelöscht werden C:\Users\Necati. 
Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm
 verwendet werden.      DETAIL - Das Verzeichnis ist nicht leer.  
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Die Anwendung oder der Dienst "Apple Mobile Device" konnte nicht neu
 gestartet werden.
 
Error - 08.02.2011 11:31:44 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 09.02.2011 20:21:40 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 10.02.2011 06:00:56 | Computer Name = Necati-TOSH | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_TapiSrv, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000004f6aa30
ID
 des fehlerhaften Prozesses: 0x4b0  Startzeit der fehlerhaften Anwendung: 0x01cbc83a414ce012
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: a6b6bd48-34fc-11e0-840f-88ae1deac095
 
Error - 10.02.2011 14:03:21 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 11.02.2011 14:01:11 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 11.02.2011 17:21:25 | Computer Name = Necati-TOSH | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7600.16385,
 Zeitstempel: 0x4a5bc3e6  Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4cf4536a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6ce9bb89
ID
 des fehlerhaften Prozesses: 0x1388  Startzeit der fehlerhaften Anwendung: 0x01cbca31a26e3c8d
Pfad
 der fehlerhaften Anwendung: C:\Windows\syswow64\MsiExec.exe  Pfad des fehlerhaften
 Moduls: QuickTime.qts  Berichtskennung: e14dd8f1-3624-11e0-a635-88ae1deac095
 
Error - 12.02.2011 18:38:50 | Computer Name = Necati-TOSH | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_TapiSrv, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000250aa30
ID
 des fehlerhaften Prozesses: 0x49c  Startzeit der fehlerhaften Anwendung: 0x01cbca3822d91528
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: dc51f351-36f8-11e0-8523-88ae1deac095
 
Error - 12.02.2011 22:36:45 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ System Events ]
Error - 07.02.2011 11:27:43 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
Error - 07.02.2011 12:00:29 | Computer Name = Necati-TOSH | Source = DCOM | ID = 10016
Description = 
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Apple Mobile Device erreicht.
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies 
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits 
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 10.02.2011 06:02:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
 
< End of report >
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6DB58D2-E7E8-5B0F-65F8-B76713C0AF75}" = ATI Catalyst Install Manager
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{CC3F8680-2A8A-95B1-584E-EA4BDE0DF783}" = ccc-utility64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0420F95C-11FF-4E02-B967-6CC22B188F9F}" = Nero BackItUp
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0CB6FBBE-71FC-7AE1-0506-AF2DFAAB5F99}" = CCC Help Finnish
"{0DCDE91E-ACD7-A105-A713-CF3C22BC1EF7}" = CCC Help Portuguese
"{0E4D665E-0441-D356-1B61-4FDCE2122F54}" = CCC Help Danish
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2290A680-4083-410A-ADCC-7092C67FC052}" = TOSHIBA Online Product Information
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 23
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{397516AE-7DFE-4F90-84E0-BD616D559434}" = Nero BurnRights
"{3AB215C2-0BE4-EC89-A90A-FA54B7C03E0A}" = CCC Help Chinese Traditional
"{3B2AFF45-1C2E-E544-A480-A9CA43FC8977}" = Catalyst Control Center Localization All
"{3E70F662-B29D-FE4E-D31D-0D088AB3C42E}" = CCC Help German
"{40C17193-BC19-CB9F-35DA-A44F9B6A520F}" = Catalyst Control Center Graphics Previews Common
"{418E42D7-E8D0-1953-B7ED-9D75149D64D5}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F8EBB31-EB6A-7C7A-40ED-57F2841998EB}" = CCC Help Czech
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}" = Nero RescueAgent
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{64E65803-D18A-D799-01A9-69ACB8B49B5E}" = CCC Help Italian
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}" = Nero Express
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85A87BCB-C8A1-179D-231D-D77C2462394F}" = CCC Help Norwegian
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8BD785CF-30C7-4182-B250-0D5FCE78D4DD}" = Catalyst Control Center - Branding
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95CFDCE3-0AE1-01F5-D9C8-D5016C49D2D9}" = CCC Help Hungarian
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9CC701E9-79FB-19EB-907C-33730D6D9450}" = Catalyst Control Center Graphics Previews Vista
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}" = Photo Service - powered by myphotobook
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A920CC75-A1F8-4275-6CBF-0B7817AF364E}" = CCC Help Dutch
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{B10364A6-B6BD-9F06-BF50-A779FBE803F4}" = CCC Help Polish
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}" = TOSHIBA Assist
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{D136FCBA-7D93-DA4E-ED4D-024ACA891E70}" = CCC Help Japanese
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D5F7D473-4819-D77B-E5A8-4B1569C47A2D}" = CCC Help Korean
"{D7397487-E01A-6ACE-C24E-BB19469B9FDE}" = CCC Help Swedish
"{DB928E9C-4C6B-DDF4-0748-C4D542A75E95}" = CCC Help Chinese Standard
"{DBB7021A-3437-446F-ACE5-7261644A972C}" = Toshiba TEMPRO
"{DDC8362F-D041-6C5E-0221-E23CF71C73AE}" = CCC Help Spanish
"{DDDD6410-C2B9-7BC7-3A93-0D155AE07E25}" = Catalyst Control Center InstallProxy
"{DEC74752-09D3-309D-72B6-40114F57B223}" = CCC Help Russian
"{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}" = Nero BackItUp and Burn
"{E0FAA369-B0E3-48B8-9447-4873103B0012}" = TOSHIBA ConfigFree
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{e89ab375-a0c5-4612-916e-9fe373084212}" = Nero 9 Essentials
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EC8D0634-4567-DBD4-97B2-F8C879F7DBF8}" = CCC Help English
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0483BEB-E626-E306-DFBD-D3A1E582BF43}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2431B40-5D69-BBB8-F20B-4F28D8ED563E}" = CCC Help Thai
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F4AECBDF-6985-E352-7392-152A0570573E}" = CCC Help Greek
"{F5A6CC63-2BED-914D-04E5-1702471E675D}" = ccc-core-static
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"ERUNT_is1" = ERUNT 1.1j
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Photo Service - powered by myphotobook
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}" = TOSHIBA ReelTime
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"MAGIX Music Maker for MySpace D" = MAGIX Music Maker for MySpace 15.0.1.8 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"NSS" = Norton Security Scan
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"SopCast" = SopCast 3.3.2
"TeamViewer 6" = TeamViewer 6
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinPcapInst" = WinPcap 4.1.1
"WT083877" = Chuzzle Deluxe
"WT083890" = Zuma Deluxe
"WT083910" = Jewel Quest II
"WT083916" = Diner Dash 2 Restaurant Rescue
"WT083925" = Plants vs. Zombies
"WT083929" = Bejeweled 2 Deluxe
"WT083945" = FATE
"WT083958" = Penguins!
"WT083959" = Polar Bowler
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 07.02.2011 12:08:00 | Computer Name = Necati-TOSH | Source = Microsoft-Windows-User Profiles Service | ID = 1533
Description = Das Profilverzeichnis kann nicht gelöscht werden C:\Users\Necati. 
Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm
 verwendet werden.      DETAIL - Das Verzeichnis ist nicht leer.  
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Die Anwendung oder der Dienst "Apple Mobile Device" konnte nicht neu
 gestartet werden.
 
Error - 08.02.2011 11:31:44 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 09.02.2011 20:21:40 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 10.02.2011 06:00:56 | Computer Name = Necati-TOSH | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_TapiSrv, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000004f6aa30
ID
 des fehlerhaften Prozesses: 0x4b0  Startzeit der fehlerhaften Anwendung: 0x01cbc83a414ce012
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: a6b6bd48-34fc-11e0-840f-88ae1deac095
 
Error - 10.02.2011 14:03:21 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 11.02.2011 14:01:11 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 11.02.2011 17:21:25 | Computer Name = Necati-TOSH | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7600.16385,
 Zeitstempel: 0x4a5bc3e6  Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version:
 0.0.0.0, Zeitstempel: 0x4cf4536a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6ce9bb89
ID
 des fehlerhaften Prozesses: 0x1388  Startzeit der fehlerhaften Anwendung: 0x01cbca31a26e3c8d
Pfad
 der fehlerhaften Anwendung: C:\Windows\syswow64\MsiExec.exe  Pfad des fehlerhaften
 Moduls: QuickTime.qts  Berichtskennung: e14dd8f1-3624-11e0-a635-88ae1deac095
 
Error - 12.02.2011 18:38:50 | Computer Name = Necati-TOSH | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_TapiSrv, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000250aa30
ID
 des fehlerhaften Prozesses: 0x49c  Startzeit der fehlerhaften Anwendung: 0x01cbca3822d91528
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: dc51f351-36f8-11e0-8523-88ae1deac095
 
Error - 12.02.2011 22:36:45 | Computer Name = Necati-TOSH | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ System Events ]
Error - 07.02.2011 11:27:43 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
Error - 07.02.2011 12:00:29 | Computer Name = Necati-TOSH | Source = DCOM | ID = 10016
Description = 
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Apple Mobile Device erreicht.
 
Error - 07.02.2011 12:11:41 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers 
nicht gestartet:   %%1053
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies 
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet.
 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 10.02.2011 06:00:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits 
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 10.02.2011 06:02:57 | Computer Name = Necati-TOSH | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
 
< End of report >

cosinus · 02.03.2011, 20:41

Hast du einen Router? Ist da noch das Standardpasswort drin für das Administrator-Webfrontend?

aspirin · 03.03.2011, 22:00

ich hab ehrlich gesagt keine ahnung was ein router ist?

keine ahnung wo man standard passwort für Administrator-Webfrontend überprüfen kann?

ich bin echt ein greenhorn

cosinus · 04.03.2011, 13:07

Wer hat dir die Internetverbindung eingerichtet?
Beschreib mal wie du ins Netz gehst. Musst du die Verbindung manuell vom PC aus erstellen oder ist sofort die Internetverbindung da, wenn der Rechner hochgefahren ist?

aspirin · 04.03.2011, 16:44

ich hab es selber eingerichtet mit passwort. den passwort, hab ich auch beim letzten laptop benutzt. sobald ich mein laptop hochfahre, verbindet es automatisch mit dem wlan modem ohne dass ich da etwas machen muss. so wie es sein muss denk ich mal, beim letzten laptop hat es auch nicht geschadet.

cosinus · 04.03.2011, 21:21

Wenn ich WLAN höre, hast du mit Sicherheit einen Router. Das ist das Teil, was die Einwahl ins Internet macht und deine Rechner werden davon "nur" bedient, machen also nicht selbst die "Einwahl" ins Internet.

mach mal folgendes, öffne Start, Ausführen und tippe diesen Codeschnippsel ein und führe es aus:

Code:

ATTFilter

ipconfig /all > "%userprofile%\Desktop\cosinus.txt"

Du hast danach eine cosinus.txt auf dem Desktop. Bitte diese Textdatei doppelklicken und den Inhalt hier posten.

14.02.2011, 19:14	#2
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	internet: FF und IE öffnen die seiten extram langsam Gibt es noch weitere Logs von Malwarebytes? Wenn ja bitte alle davon posten. Du findest diese im Reiter Logdateien in Malwarebytes. __________________ __________________

02.03.2011, 20:41	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	internet: FF und IE öffnen die seiten extram langsam Hast du einen Router? Ist da noch das Standardpasswort drin für das Administrator-Webfrontend? __________________ Logfiles bitte immer in CODE-Tags posten

04.03.2011, 13:07	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	internet: FF und IE öffnen die seiten extram langsam Wer hat dir die Internetverbindung eingerichtet? Beschreib mal wie du ins Netz gehst. Musst du die Verbindung manuell vom PC aus erstellen oder ist sofort die Internetverbindung da, wenn der Rechner hochgefahren ist? __________________ Logfiles bitte immer in CODE-Tags posten

internet: FF und IE öffnen die seiten extram langsam

Log-Analyse und Auswertung: internet: FF und IE öffnen die seiten extram langsam