Trojaner-Board - Suchmaschinen fehlerhaft

ad-aware hab ich deinstalliert und die schritte von dir durchgeführt:

Code:

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org
 

Datenbank Version: 7515
 

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514
 

20.08.2011 12:43:06

mbam-log-2011-08-20 (12-42-32).txt
 

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 155563

Laufzeit: 5 Minute(n), 28 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 6

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 1

Infizierte Verzeichnisse: 1

Infizierte Dateien: 4
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C689C99E-3A8C-4c87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C689C99E-3A8C-4c87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C689C99E-3A8C-4c87-A79C-C80DC9C81632} (Trojan.Banker) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> No action taken.

HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mrt.exe (Trojan.Agent) -> No action taken.
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

HKEY_CLASSES_ROOT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (hxxp://findgala.com/?&uid=231&q={searchTerms}) Good: (hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> No action taken.
 

Infizierte Verzeichnisse:

c:\Users\Sarah\AppData\Roaming\my security engine (Rogue.MySecurityEngine) -> No action taken.
 

Infizierte Dateien:

c:\Users\Sarah\AppData\Roaming\microsoft\internet explorer\quick launch\my security engine.lnk (Rogue.MySecurityEngine) -> No action taken.

c:\Windows\Tasks\{8c3fdd81-7ae0-4605-a46a-2488b179f2a3}.job (Trojan.Downloader) -> No action taken.

c:\Users\Sarah\AppData\Roaming\my security engine\cookies.sqlite (Rogue.MySecurityEngine) -> No action taken.

c:\Users\Sarah\AppData\Roaming\my security engine\instructions.ini (Rogue.MySecurityEngine) -> No action taken.

Code:

All processes killed

========== OTL ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.

Prefs.js: "ICQ Search" removed from browser.search.defaultenginename

Prefs.js: "Search" removed from browser.search.defaultthis.engineName

Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl

Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=" removed from keyword.URL

Prefs.js: "chrome://browser-region/locale/region.properties" removed from sweetim.toolbar.previous.browser.search.defaultenginename

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.

File C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.

File C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll not found.

Folder C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.

Folder C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ not found.

Folder C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\engine@conduit.com\ not found.

File C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\conduit.xml not found.

File C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-2.xml not found.

File C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-3.xml not found.

File C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-4.xml not found.

File C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin.xml not found.

File C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\sweetim.xml not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0fe0d0e9-3201-11df-8b6a-b1ebac5de4d2}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0fe0d0e9-3201-11df-8b6a-b1ebac5de4d2}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0fe0d0e9-3201-11df-8b6a-b1ebac5de4d2}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0fe0d0e9-3201-11df-8b6a-b1ebac5de4d2}\ not found.

File F:\pushinst.exe not found.

C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 41044 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Public

 

User: Sarah

->Temp folder emptied: 28197305 bytes

->Temporary Internet Files folder emptied: 858808 bytes

->Java cache emptied: 23228872 bytes

->FireFox cache emptied: 136261205 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 44325 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 30134 bytes

RecycleBin emptied: 342299094 bytes

 

Total Files Cleaned = 506,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

OTL by OldTimer - Version 3.2.26.5 log created on 08202011_125559
 

Files\Folders moved on Reboot...
 

Registry entries deleted on Reboot...

Code:

7-Zip 9.20                19.08.2011                

Adobe AIR        Adobe Systems Inc.        06.09.2009                1.5.2.8870

Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        08.06.2010                10.0.45.2

Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        15.08.2011        6,00MB        10.3.183.5

Adobe Reader 9.1 - Deutsch        Adobe Systems Incorporated        06.09.2009        234,0MB        9.1.0

CCleaner        Piriform        01.05.2010                2.31

eBay        eBay Inc.        06.09.2009        0,16MB        1.0.4

Free Video to MP3 Converter version 3.2        DVDVideoSoft Limited.        25.12.2009                

Free YouTube to MP3 Converter version 3.10.5.722        DVDVideoSoft Limited.        26.07.2011        44,8MB        

Google Toolbar for Internet Explorer        Google Inc.        30.07.2011                7.1.1920.1238

HiJackThis        Trend Micro        18.08.2011        0,36MB        1.0.0

HP 2.4GHz Wireless Laser Comfort Mouse        Hewlett-Packard        31.07.2011        34,7MB        1.0.0.0

ICQ7.2        ICQ        15.09.2010                7.2

Intel(R) Graphics Media Accelerator Driver        Intel Corporation        28.09.2009        54,3MB        8.15.10.1883

Intel® Matrix Storage Manager        Intel Corporation        28.09.2009                

Java(TM) 6 Update 14        Sun Microsystems, Inc.        06.09.2009        97,5MB        6.0.140

Jewel Master - Cradle Of Rome        cerasus.media GmbH        25.12.2010                

LSI V92 MOH Application        LSI Corporation        28.09.2009                

Malwarebytes' Anti-Malware        Malwarebytes Corporation        27.03.2010        7,66MB        

Microsoft Office Standard Edition 2003        Microsoft Corporation        09.08.2011        725,5MB        11.0.8173.0

Microsoft Office Suite Activation Assistant        Microsoft Corporation        06.09.2009        8,37MB        2.9

Microsoft Security Essentials        Microsoft Corporation        08.08.2011                2.1.1116.0

Microsoft Silverlight        Microsoft Corporation        15.06.2011        182,5MB        4.0.60531.0

Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        06.09.2009        1,72MB        3.1.0000

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        16.12.2009        0,25MB        8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        15.06.2011        0,29MB        8.0.61001

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        16.12.2009        0,20MB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        06.09.2009        0,58MB        9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        26.03.2010        0,58MB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        15.06.2011        0,59MB        9.0.30729.6161

Microsoft Works        Microsoft Corporation        14.12.2010        878,0MB        9.7.0621

Mozilla Firefox (3.6.20)        Mozilla        18.08.2011                3.6.20 (de)

MySQL Connector/ODBC 5.1        MySQL AB        10.12.2010        7,10MB        5.1.5

Opera 11.50        Opera Software ASA        02.08.2011                11.50.1074

Pando Media Booster        Pando Networks Inc.        20.12.2010        5,47MB        2.3.5.2

PlayReady PC Runtime x86        Microsoft Corporation        06.09.2009        1,65MB        1.3.0

Rappelz        gPotato.eu        01.06.2011                Rappelz

Realtek Ethernet Controller  Driver        Realtek        06.09.2009                1.00.0008

Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        07.05.2010                6.0.1.6101

Realtek USB 2.0 Card Reader        Realtek Semiconductor Corp.        28.09.2009                6.1.7600.30101

Realtek WLAN Driver        Realtek        28.09.2009        1,54MB        2.00.0006

RocketDock 1.3.5        Punk Software        11.12.2009                

Runtime Files Pack 3                10.04.2010                

Skype™ 5.3        Skype Technologies S.A.        12.05.2011        22,6MB        5.3.111

Splashup Light        Faux Labs, Inc.        07.12.2009                1.0

SUPER © Version 2009.bld.36 (June 10, 2009)        eRightSoft        16.12.2009                Version 2009.bld.36 (June 10, 2009)

Synaptics Pointing Device Driver        Synaptics Incorporated        06.09.2009                13.2.6.1

TeamSpeak 3 Client        TeamSpeak Systems GmbH        01.06.2010                

TeamViewer 5        TeamViewer GmbH        16.12.2009                5.0.7545 

TOSHIBA Assist        TOSHIBA        06.09.2009                2.01.11

TOSHIBA Bulletin Board        TOSHIBA Corporation        06.09.2009        30,3MB        1.0.04.32

TOSHIBA ConfigFree        TOSHIBA Corporation        28.09.2009        66,9MB        8.0.21

TOSHIBA Disc Creator        TOSHIBA Corporation        06.09.2009        9,73MB        2.1.0.1

TOSHIBA DVD PLAYER        TOSHIBA Corporation        28.09.2009                3.01.0.07-A

TOSHIBA Extended Tiles for Windows Mobility Center        Toshiba        06.09.2009        1,25MB        1.01.00

TOSHIBA Face Recognition        TOSHIBA Corporation        28.09.2009        59,9MB        3.1.1.32

TOSHIBA Hardware Setup        TOSHIBA Corporation        28.09.2009                2.00.11

TOSHIBA HDD/SSD Alert        TOSHIBA Corporation        06.09.2009        37,9MB        3.1.0.0

TOSHIBA Internal Modem Region Select Utility        Ihr Firmenname        28.09.2009        1,71MB        2.3.0.01

Toshiba Manuals        TOSHIBA        06.09.2009                10.00

Toshiba Online Product Information        TOSHIBA        06.09.2009                2.08.0001

Toshiba Photo Service - powered by myphotobook        myphotobook GmbH        06.09.2009                1.0.0-663

TOSHIBA Recovery Media Creator        TOSHIBA Corporation        06.09.2009        2,91MB        2.1.0.2

TOSHIBA Recovery Media Creator Reminder        TOSHIBA        06.09.2009        0,45MB        1.00.0019

TOSHIBA ReelTime        TOSHIBA Corporation        06.09.2009        37,1MB        1.0.04.32

TOSHIBA Service Station        TOSHIBA        28.09.2009                2.1.33

TOSHIBA Software Modem        LSI Corporation        28.09.2009        16,00KB        2.2.97

TOSHIBA Supervisor Password        TOSHIBA Corporation        28.09.2009                2.00.10

Toshiba TEMPRO        Toshiba Europe GmbH        06.09.2009        10,8MB        3.05

TOSHIBA Value Added Package        TOSHIBA Corporation        28.09.2009        88,7MB        1.2.25

TOSHIBA Web Camera Application        TOSHIBA Corporation        28.09.2009                1.1.1.4

TRORMCLauncher        TOSHIBA        06.09.2009        1,03MB        1.0.0.7

Uninstall 1.0.0.1                15.05.2011        11,2MB        

Visual Basic 4 Runtime Files                10.04.2010                

Windows Live Essentials        Microsoft Corporation        06.09.2009                15.4.3508.1109

Windows Live Mesh ActiveX control for remote connections        Microsoft Corporation        18.12.2010        5,58MB        15.4.5722.2

Windows Live Sync        Microsoft Corporation        06.09.2009        2,79MB        14.0.8089.726

WinRAR                04.12.2009                

World of Warcraft        Blizzard Entertainment        10.12.2010                3.3.5.12340

Xfire (remove only)                22.01.2010

Code:

OTL Extras logfile created on: 20.08.2011 13:04:41 - Run 2

OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Sarah\Downloads

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,87 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 68,70% Memory free

5,74 Gb Paging File | 4,79 Gb Available in Paging File | 83,43% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,29 Gb Total Space | 19,48 Gb Free Space | 16,75% Space Free | Partition Type: NTFS

Drive D: | 116,21 Gb Total Space | 77,22 Gb Free Space | 66,45% Space Free | Partition Type: NTFS

 

Computer Name: SARAH-TOSH | User Name: Sarah | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)

https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Users\Public\winscdvn.exe" = C:\Users\Public\winscdvn.exe:*:Enabled:Windows Firewall Updates

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources

"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware

"{0823A2E3-69DD-A37A-7CD9-1CBEB037545C}" = Toshiba Photo Service - powered by myphotobook

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver

"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack

"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{210360CF-80E4-4A71-AFA9-2B7FED34D44B}" = HP 2.4GHz Wireless Laser Comfort Mouse

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14

"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1

"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{342126B2-10D5-409E-884B-245347A497E1}" = TOSHIBA Bulletin Board

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works

"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources

"{3EBC1B5A-FD67-1A9E-EDEE-1DD08733CC28}" = Splashup Light

"{42451051-52B5-4D74-920A-BB49861D7253}" = TOSHIBA ReelTime

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack

"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3

"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application

"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz

"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9E4FF410-471F-49E3-9358-74FF0D5E9901}" = Toshiba TEMPRO

"{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}" = TOSHIBA Supervisor Password

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station

"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator

"{BD11E3C6-065E-40BB-A129-435C4530A159}_is1" = Jewel Master - Cradle Of Rome

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0387727-C89D-4774-B643-B9333EAA09DE}" = TOSHIBA Hardware Setup

"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher

"{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}" = eBay

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree

"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"7-Zip" = 7-Zip 9.20

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"CCleaner" = CCleaner

"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Toshiba Photo Service - powered by myphotobook

"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.5.722

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"InstallShield_{342126B2-10D5-409E-884B-245347A497E1}" = TOSHIBA Bulletin Board

"InstallShield_{42451051-52B5-4D74-920A-BB49861D7253}" = TOSHIBA ReelTime

"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder

"InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility

"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition

"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher

"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"LTMOH" = LSI V92 MOH Application

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800

"Microsoft Security Client" = Microsoft Security Essentials

"Mozilla Firefox (3.6.20)" = Mozilla Firefox (3.6.20)

"Opera 11.50.1074" = Opera 11.50

"RocketDock_is1" = RocketDock 1.3.5

"SplashupLight.8F84E54D18819F0C71CA15FE192C56A89F17989F.1" = Splashup Light

"ST4UNST #1" = Visual Basic 4 Runtime Files

"ST4UNST #2" = Runtime Files Pack 3

"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TeamViewer 5" = TeamViewer 5

"TOSHIBA Software Modem" = TOSHIBA Software Modem

"Uninstall_is1" = Uninstall 1.0.0.1

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR

"World of Warcraft" = World of Warcraft

"Xfire" = Xfire (remove only)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"TeamSpeak 3 Client" = TeamSpeak 3 Client

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 11.12.2010 10:08:48 | Computer Name = Sarah-TOSH | Source = Application Hang | ID = 1002

Description = Programm wmplayer.exe, Version 12.0.7600.16667 kann nicht mehr unter

 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 

in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem

 zu suchen.    Prozess-ID: 138c    Startzeit: 01cb993cd43e0ac6    Endzeit: 17    Anwendungspfad:

 C:\Program Files\Windows Media Player\wmplayer.exe    Berichts-ID: 29540f84-0530-11e0-a9db-9896f3872ec3
 

 

Error - 11.12.2010 10:09:10 | Computer Name = Sarah-TOSH | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7600.16385,

 Zeitstempel: 0x4a5bccb3  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7600.16385,

 Zeitstempel: 0x4a5bdaae  Ausnahmecode: 0x0000046b  Fehleroffset: 0x00009617  ID des fehlerhaften

 Prozesses: 0x10b8  Startzeit der fehlerhaften Anwendung: 0x01cb993cc7db61d9  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Windows Media Player\wmpnetwk.exe  Pfad 

des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll  Berichtskennung: 38c8c790-0530-11e0-a9db-9896f3872ec3

 

Error - 11.12.2010 11:22:40 | Computer Name = Sarah-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 11.12.2010 11:23:23 | Computer Name = Sarah-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 12.12.2010 19:47:43 | Computer Name = Sarah-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 12.12.2010 19:48:33 | Computer Name = Sarah-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 14.12.2010 15:14:13 | Computer Name = Sarah-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 14.12.2010 15:14:53 | Computer Name = Sarah-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 16.12.2010 16:01:34 | Computer Name = Sarah-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 16.12.2010 16:02:21 | Computer Name = Sarah-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

[ Media Center Events ]

Error - 23.01.2010 09:47:39 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 14:47:39 - Fehler beim Herstellen der Internetverbindung.  14:47:39 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 23.01.2010 09:47:45 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 14:47:44 - Fehler beim Herstellen der Internetverbindung.  14:47:44 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 02.02.2010 21:27:34 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 02:27:34 - Fehler beim Herstellen der Internetverbindung.  02:27:34 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 02.02.2010 21:27:43 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 02:27:39 - Fehler beim Herstellen der Internetverbindung.  02:27:39 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 12:10:21 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 17:10:21 - Fehler beim Herstellen der Internetverbindung.  17:10:21 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 12:10:31 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 17:10:26 - Fehler beim Herstellen der Internetverbindung.  17:10:26 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 13:10:37 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 18:10:37 - Fehler beim Herstellen der Internetverbindung.  18:10:37 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 13:10:44 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 18:10:42 - Fehler beim Herstellen der Internetverbindung.  18:10:42 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 14:10:50 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 19:10:50 - Fehler beim Herstellen der Internetverbindung.  19:10:50 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 14:10:56 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 19:10:55 - Fehler beim Herstellen der Internetverbindung.  19:10:55 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 19.08.2011 19:20:47 | Computer Name = Sarah-TOSH | Source = ipnathlp | ID = 31004

Description = 

 

Error - 20.08.2011 06:18:20 | Computer Name = Sarah-TOSH | Source = Microsoft Antimalware | ID = 3002

Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 

0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842

 

Error - 20.08.2011 06:18:24 | Computer Name = Sarah-TOSH | Source = ipnathlp | ID = 31004

Description = 

 

Error - 20.08.2011 06:20:04 | Computer Name = Sarah-TOSH | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

Error - 20.08.2011 06:27:20 | Computer Name = Sarah-TOSH | Source = ipnathlp | ID = 31004

Description = 

 

Error - 20.08.2011 06:27:37 | Computer Name = Sarah-TOSH | Source = ipnathlp | ID = 31004

Description = 

 

Error - 20.08.2011 06:29:04 | Computer Name = Sarah-TOSH | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

Error - 20.08.2011 06:55:59 | Computer Name = Sarah-TOSH | Source = Service Control Manager | ID = 7031

Description = Der Dienst "Microsoft Antimalware Service" wurde unerwartet beendet.

 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 15000

 Millisekunden durchgeführt: Neustart des Diensts.

 

Error - 20.08.2011 06:58:17 | Computer Name = Sarah-TOSH | Source = Microsoft Antimalware | ID = 3002

Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 

0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842

 

Error - 20.08.2011 06:59:59 | Computer Name = Sarah-TOSH | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

 

< End of report >

Code:

OTL logfile created on: 20.08.2011 13:04:41 - Run 2

OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\Sarah\Downloads

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,87 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 68,70% Memory free

5,74 Gb Paging File | 4,79 Gb Available in Paging File | 83,43% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,29 Gb Total Space | 19,48 Gb Free Space | 16,75% Space Free | Partition Type: NTFS

Drive D: | 116,21 Gb Total Space | 77,22 Gb Free Space | 66,45% Space Free | Partition Type: NTFS

 

Computer Name: SARAH-TOSH | User Name: Sarah | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.08.19 23:28:21 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah\Downloads\OTL.exe

PRC - [2011.08.19 14:35:18 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010.03.22 17:36:48 | 000,356,352 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\TSR\xDaemon.exe

PRC - [2009.12.16 10:14:52 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

PRC - [2009.08.11 11:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe

PRC - [2009.08.10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFIWmxSvcs.exe

PRC - [2009.08.06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe

PRC - [2009.08.06 15:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe

PRC - [2009.08.05 14:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

PRC - [2009.08.05 14:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

PRC - [2009.08.03 18:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe

PRC - [2009.08.03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

PRC - [2009.07.28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe

PRC - [2009.07.07 09:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\RSelect\RSelSvc.exe

PRC - [2009.03.27 18:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe

PRC - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe

PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.08.19 14:35:19 | 001,000,920 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll

MOD - [2010.03.22 17:36:48 | 000,356,352 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\TSR\xDaemon.exe

MOD - [2010.03.19 10:06:44 | 000,262,144 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\UI\xManager\001\HP_T009.dll

MOD - [2009.10.06 14:09:16 | 000,400,896 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\UI\xManager\xTools.dll

MOD - [2009.09.01 15:14:12 | 000,457,728 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\UI\xManager\xUtility.dll

MOD - [2009.08.16 18:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

MOD - [2009.08.03 18:17:24 | 000,079,192 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

MOD - [2009.07.29 15:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll

MOD - [2009.07.16 15:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll

MOD - [2009.07.16 15:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll

MOD - [2009.06.22 15:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll

MOD - [2009.03.12 19:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll

MOD - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe

MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll

MOD - [2006.10.07 12:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] --  -- (gusvc)

SRV - File not found [On_Demand | Stopped] --  -- (gupdatem) Google Update-Dienst (gupdatem)

SRV - File not found [Auto | Stopped] --  -- (gupdate) Google Update Service (gupdate)

SRV - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)

SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

SRV - [2010.11.20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)

SRV - [2009.12.16 19:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)

SRV - [2009.12.16 10:14:52 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)

SRV - [2009.08.17 10:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)

SRV - [2009.08.10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)

SRV - [2009.08.06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)

SRV - [2009.08.05 14:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)

SRV - [2009.08.03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV - [2009.07.28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)

SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009.07.07 09:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe -- (RSELSVC)

SRV - [2009.03.27 18:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2011.08.20 12:57:52 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EDFCBAA9-61DE-462D-BE3B-8EAA12E23A6C}\MpKslf151cee5.sys -- (MpKslf151cee5)

DRV - [2011.08.20 12:26:58 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EDFCBAA9-61DE-462D-BE3B-8EAA12E23A6C}\MpKsl157b6685.sys -- (MpKsl157b6685)

DRV - [2011.04.27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)

DRV - [2011.04.18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)

DRV - [2010.12.03 11:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)

DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010.10.13 22:50:00 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

DRV - [2010.03.31 03:13:28 | 000,379,904 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)

DRV - [2010.03.19 14:35:02 | 000,011,264 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpCft001.sys -- (HpCft001)

DRV - [2009.07.30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV - [2009.07.24 15:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)

DRV - [2009.07.21 14:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2009.07.14 15:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)

DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2009.07.07 08:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\FwLnk.sys -- (FwLnk)

DRV - [2009.06.24 18:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)

DRV - [2009.06.22 17:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)

DRV - [2006.04.06 02:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: "ICQ Search"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:5.0.0

FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.5.0.12

FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2

FF - prefs.js..extensions.enabledItems: {184AA5E6-741D-464a-820E-94B3ABC2F3B4}:1.0

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?sourceid=navclient&hl=de&ie=UTF-8"

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.19 14:35:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.08.19 14:35:20 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Sarah\AppData\Roaming\5018 [2011.06.14 22:02:58 | 000,000,000 | ---D | M]

 

[2009.11.22 22:58:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarah\AppData\Roaming\mozilla\Extensions

[2011.08.19 17:10:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions

[2011.06.28 22:02:00 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

[2011.08.04 19:30:33 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}

[2010.06.19 00:46:19 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2010.06.19 00:46:19 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}

[2011.05.26 23:08:02 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Sarah\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\engine@conduit.com

[2009.12.14 09:44:18 | 000,000,881 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\conduit.xml

[2011.08.18 12:28:58 | 000,000,950 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-1.xml

[2010.10.28 15:59:07 | 000,000,950 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-2.xml

[2010.12.11 20:15:45 | 000,000,950 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-3.xml

[2011.03.02 22:15:41 | 000,000,950 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-4.xml

[2010.10.18 21:12:15 | 000,001,056 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin.xml

[2009.12.12 21:08:38 | 000,003,915 | ---- | M] () -- C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\sweetim.xml

[2011.08.04 19:30:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011.06.14 22:02:58 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\SARAH\APPDATA\ROAMING\5018

[2011.07.08 07:04:02 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.07.08 07:04:02 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2011.07.08 07:04:02 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.07.08 07:04:02 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.07.08 07:04:02 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2011.08.20 12:56:46 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  File not found

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -  File not found

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  File not found

O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  File not found

O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [HP Input Device Main Program] C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\TSR\xDaemon.exe ()

O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosSENotify] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)

O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Sarah\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)

O13 - gopher Prefix: missing

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O27 - HKLM IFEO\mrt.exe: Debugger - svchost.exe (Microsoft Corporation)

O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.08.20 12:55:59 | 000,000,000 | ---D | C] -- C:\_OTL

[2011.08.20 12:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.08.20 12:18:29 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Desktop\Trojaner-Board

[2011.08.20 00:11:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

[2011.08.20 00:11:20 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip

[2011.08.19 23:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

[2011.08.19 22:58:07 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\PackageAware

[2011.08.19 20:06:28 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis

[2011.08.19 20:06:26 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro

[2011.08.19 19:44:55 | 000,000,000 | ---D | C] -- C:\Users\Sarah\Desktop\AndreBewerbung

[2011.08.10 18:38:51 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2011.08.10 18:38:50 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2011.08.10 18:38:26 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2011.08.10 18:38:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2011.08.10 18:38:26 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2011.08.10 18:38:25 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2011.08.10 18:38:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2011.08.10 18:38:09 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

[2011.08.10 18:38:09 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll

[2011.08.10 18:38:08 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

[2011.08.10 18:38:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

[2011.08.10 18:38:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

[2011.08.10 18:38:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

[2011.08.10 18:38:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

[2011.08.10 18:38:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

[2011.08.10 18:38:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

[2011.08.10 18:38:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

[2011.08.10 18:38:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

[2011.08.10 18:38:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

[2011.08.10 18:38:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

[2011.08.10 18:38:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

[2011.08.10 18:38:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

[2011.08.10 18:38:06 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

[2011.08.10 18:38:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

[2011.08.10 18:38:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

[2011.08.10 18:38:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

[2011.08.10 18:38:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

[2011.08.10 18:38:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

[2011.08.10 18:38:05 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll

[2011.08.10 18:38:05 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll

[2011.08.10 18:38:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll

[2011.08.10 18:38:04 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll

[2011.08.10 18:38:04 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll

[2011.08.09 20:42:48 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys

[2011.08.09 20:42:47 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe

[2011.08.09 20:42:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

[2011.08.09 20:42:14 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2011.08.09 20:42:13 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys

[2011.08.09 20:42:12 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys

[2011.08.09 20:42:10 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll

[2011.08.09 20:42:10 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll

[2011.08.09 20:42:09 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll

[2011.08.09 20:42:09 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll

[2011.08.09 20:42:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll

[2011.08.09 20:42:08 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll

[2011.08.09 20:42:02 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll

[2011.08.09 20:42:02 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll

[2011.08.09 20:41:44 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2011.08.09 20:41:36 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll

[2011.08.09 20:41:12 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys

[2011.08.09 20:41:04 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll

[2011.08.09 20:41:04 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys

[2011.08.04 19:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox

[2011.08.03 21:14:36 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Thunderbird

[2011.08.03 21:14:36 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Thunderbird

[2011.08.03 21:06:10 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\Opera

[2011.08.03 21:06:10 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Local\Opera

[2011.08.03 21:06:02 | 000,000,000 | ---D | C] -- C:\Program Files\Opera

[2011.08.01 19:18:51 | 000,011,264 | ---- | C] (Primax Electronics Ltd.) -- C:\Windows\System32\drivers\HpCft001.sys

[2011.08.01 19:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

[2011.08.01 19:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard

[2011.07.27 19:59:07 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\DVDVideoSoft

[1 C:\Users\Sarah\AppData\Roaming\*.tmp files -> C:\Users\Sarah\AppData\Roaming\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.08.20 13:05:01 | 000,016,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.08.20 13:05:01 | 000,016,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.08.20 13:02:06 | 000,645,966 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2011.08.20 13:02:06 | 000,609,290 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011.08.20 13:02:06 | 000,127,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2011.08.20 13:02:06 | 000,104,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011.08.20 12:58:03 | 000,000,439 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics

[2011.08.20 12:57:55 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Sarah-Startup.job

[2011.08.20 12:57:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.08.20 12:57:36 | 2312,101,888 | -HS- | M] () -- C:\hiberfil.sys

[2011.08.20 12:56:46 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts

[2011.08.20 12:20:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011.08.20 00:15:48 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat

[2011.08.20 00:15:48 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat

[2011.08.16 13:18:44 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011.08.09 20:56:05 | 000,416,744 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011.08.09 20:46:01 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif

[2011.08.04 19:30:21 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011.08.03 21:06:06 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk

[2011.07.31 12:10:11 | 000,038,570 | ---- | M] () -- C:\Users\Sarah\Documents\3-transport_lagerung-41pfaCZ.pdf

[2011.07.22 06:54:18 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[1 C:\Users\Sarah\AppData\Roaming\*.tmp files -> C:\Users\Sarah\AppData\Roaming\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.08.04 19:30:21 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011.08.03 21:06:06 | 000,001,754 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

[2011.08.03 21:06:06 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk

[2011.07.31 12:10:11 | 000,038,570 | ---- | C] () -- C:\Users\Sarah\Documents\3-transport_lagerung-41pfaCZ.pdf

[2011.05.08 23:28:18 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2011.04.26 21:37:17 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat

[2011.04.26 21:37:17 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat

[2011.04.16 18:51:16 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll

[2011.03.21 13:22:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2010.12.11 19:13:35 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2010.06.08 17:15:22 | 000,000,000 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\chrtmp

[2010.05.03 18:08:57 | 000,000,576 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\wklnhst.dat

[2010.03.18 01:10:03 | 000,097,312 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin

[2010.01.26 00:51:18 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll

[2010.01.26 00:51:18 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll

[2010.01.26 00:51:18 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll

[2009.12.17 23:21:16 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2009.12.12 21:51:39 | 000,083,968 | ---- | C] () -- C:\Windows\UnGins.exe

[2009.11.07 21:37:00 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2009.09.07 07:51:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009.09.07 07:51:46 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2009.08.27 07:57:38 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin

[2009.08.27 07:57:38 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin

[2009.08.27 07:57:38 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin

[2009.08.27 07:57:38 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin

[2009.07.14 10:47:43 | 000,645,966 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2009.07.14 10:47:43 | 000,127,394 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 06:33:53 | 000,416,744 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009.07.14 04:05:48 | 000,609,290 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009.07.14 04:05:48 | 000,104,568 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

 
 ========== LOP Check ==========

 

[2011.06.12 03:11:26 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\5017

[2011.06.14 22:02:58 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\5018

[2011.07.27 19:59:09 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\DVDVideoSoft

[2011.05.16 23:57:29 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\DVDVideoSoftIEHelpers

[2009.11.15 12:58:43 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\FloodLightGames

[2010.02.11 21:57:38 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\FOG Downloader

[2010.06.19 00:46:17 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\gtk-2.0

[2011.05.16 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\ICQ

[2011.06.11 22:37:30 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\kock

[2010.06.19 00:46:19 | 000,000,000 | -HSD | M] -- C:\Users\Sarah\AppData\Roaming\My Security Engine

[2011.08.03 21:06:10 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Opera

[2010.06.18 00:00:17 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Regu

[2009.12.08 22:45:39 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\SplashupLight.8F84E54D18819F0C71CA15FE192C56A89F17989F.1

[2010.05.02 20:05:54 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\TeamViewer

[2010.05.03 18:08:58 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Template

[2011.08.03 21:14:37 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Thunderbird

[2009.11.16 13:48:06 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Toshiba

[2011.05.13 20:37:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\TS3Client

[2011.06.01 14:31:28 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\ts3overlay

[2011.08.03 20:53:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\UAs

[2011.08.03 20:53:33 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\xmldm

[2011.06.23 17:35:01 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011.08.20 12:57:55 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Sarah-Startup.job

 
 ========== Purity Check ==========

 

 
 

< End of report >

Code:

C:\Program Files\Application Updater\ApplicationUpdater.exe        möglicherweise Variante von Win32/Adware.Toolbar.Dealio Anwendung        Gesäubert durch Löschen - in Quarantäne kopiert

C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll        Variante von Win32/Adware.Toolbar.Dealio Anwendung        Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert

C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5        Variante von Win32/Adware.Toolbar.Dealio Anwendung        Gesäubert durch Löschen - in Quarantäne kopiert

C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6        Variante von Win32/Adware.Toolbar.Dealio Anwendung        Gesäubert durch Löschen - in Quarantäne kopiert

C:\Program Files\pdfforge Toolbar\IE\4.6\pdfforgeToolbarIE.dll        Variante von Win32/Adware.Toolbar.Dealio Anwendung        Gesäubert durch Löschen - in Quarantäne kopiert

C:\Users\*****\AppData\Local\Temp\NODFCD0.tmp        Variante von Win32/Adware.Toolbar.Dealio Anwendung        Gesäubert durch Löschen (nach dem nächsten Neustart) - in Quarantäne kopiert

C:\Users\*****\Downloads\registrybooster.exe        Win32/RegistryBooster Anwendung        gelöscht - in Quarantäne kopiert

C:\Users\****\Downloads\sblauncher(2).exe        möglicherweise Variante von Win32/TrojanDownloader.Agent.SVNSNU Trojaner        gelöscht - in Quarantäne kopiert

C:\Users\****\Downloads\sblauncher(3).exe        möglicherweise Variante von Win32/TrojanDownloader.Agent.SVNSNU Trojaner        gelöscht - in Quarantäne kopiert

C:\Users\****\Downloads\sblauncher.exe        möglicherweise Variante von Win32/TrojanDownloader.Agent.SVNSNU Trojaner        gelöscht - in Quarantäne kopiert

C:\Windows\Installer\52c46e.msi        Variante von Win32/Adware.Toolbar.Dealio Anwendung        gelöscht - in Quarantäne kopiert

Code:

SUPERAntiSpyware Scan Log

hxxp://www.superantispyware.com
 

Generated 10/09/2011 at 05:46 PM
 

Application Version : 5.0.1128
 

Core Rules Database Version : 7585

Trace Rules Database Version: 5397
 

Scan type       : Complete Scan

Total Scan Time : 00:56:28
 

Operating System Information

Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)

UAC On - Limited User
 

Memory items scanned      : 675

Memory threats detected   : 0

Registry items scanned    : 38571

Registry threats detected : 0

File items scanned        : 58849

File threats detected     : 10
 

Adware.Tracking Cookie

        C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\YQKVLY3B.txt [ /ad3.adfarm1.adition.com ]

        C:\Users\****\AppData\Roaming\Microsoft\Windows\Cookies\03J6EMPK.txt [ /doubleclick.net ]

        C:\Users\****\AppData\Roaming\Microsoft\Windows\Cookies\G8Q3U6WH.txt [ /adfarm1.adition.com ]

        C:\Users\****\AppData\Roaming\Microsoft\Windows\Cookies\0UVE0FKR.txt [ /tradedoubler.com ]

        C:\Users\****\AppData\Roaming\Microsoft\Windows\Cookies\3U2PP629.txt [ /questionmarket.com ]

        C:\USERS\****\Cookies\YQKVLY3B.txt [ Cookie:****@ad3.adfarm1.adition.com/ ]

        C:\USERS\****\Cookies\03J6EMPK.txt [ Cookie:****@doubleclick.net/ ]

        C:\USERS\****\Cookies\G8Q3U6WH.txt [ Cookie:****@adfarm1.adition.com/ ]

        C:\USERS\****\Cookies\0UVE0FKR.txt [ Cookie:****@tradedoubler.com/ ]

        C:\USERS\****\Cookies\3U2PP629.txt [ Cookie:****@questionmarket.com/ ]

Code:

All processes killed

========== OTL ==========

Error: No service named Lbd was found to stop!

Service\Driver key Lbd not found.

File C:\Windows\system32\DRIVERS\Lbd.sys not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ not found.

Prefs.js: engine@conduit.com:3.3.3.2 removed from extensions.enabledItems

Folder C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\engine@conduit.com\ not found.

Folder C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.

File C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\conduit.xml not found.

Folder C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\ not found.

File C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-2.xml not found.

File C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-3.xml not found.

File C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-4.xml not found.

File C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin.xml not found.

File C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\sweetim.xml not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 33170 bytes

->Flash cache emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Public

 

User: Sarah

->Temp folder emptied: 106385814 bytes

->Temporary Internet Files folder emptied: 18391062 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 102183184 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 2645 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 678494 bytes

RecycleBin emptied: 19352405 bytes

 

Total Files Cleaned = 236,00 mb

 

 

OTL by OldTimer - Version 3.2.26.5 log created on 10092011_164541
 

Files\Folders moved on Reboot...
 

Registry entries deleted on Reboot...

Code:

OTL Extras logfile created on: 09.10.2011 21:11:35 - Run 3

OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\****\Desktop\Tools

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,87 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 48,97% Memory free

5,74 Gb Paging File | 4,36 Gb Available in Paging File | 75,87% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,29 Gb Total Space | 15,94 Gb Free Space | 13,71% Space Free | Partition Type: NTFS

Drive D: | 116,21 Gb Total Space | 44,89 Gb Free Space | 38,63% Space Free | Partition Type: NTFS

Drive F: | 3,80 Gb Total Space | 3,74 Gb Free Space | 98,49% Space Free | Partition Type: FAT32

 

Computer Name: ****-TOSH | User Name: ****| Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)

https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Users\Public\winscdvn.exe" = C:\Users\Public\winscdvn.exe:*:Enabled:Windows Firewall Updates

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources

"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware

"{0823A2E3-69DD-A37A-7CD9-1CBEB037545C}" = Toshiba Photo Service - powered by myphotobook

"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver

"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack

"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{210360CF-80E4-4A71-AFA9-2B7FED34D44B}" = HP 2.4GHz Wireless Laser Comfort Mouse

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26

"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1

"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{342126B2-10D5-409E-884B-245347A497E1}" = TOSHIBA Bulletin Board

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works

"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3EBC1B5A-FD67-1A9E-EDEE-1DD08733CC28}" = Splashup Light

"{42451051-52B5-4D74-920A-BB49861D7253}" = TOSHIBA ReelTime

"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack

"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3

"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client

"{5783F2D7-A001-0407-0002-0060B0CE6BBA}" = AutoCAD 2012 - Deutsch

"{5783F2D7-A001-0407-1002-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - Deutsch

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application

"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher

"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2

"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller  Driver

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012

"{8F50EC3D-C482-4445-9E4B-991A766047D5}_is1" = MAESTIA Version 201101

"{90120407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003

"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager

"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz

"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals

"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9E4FF410-471F-49E3-9358-74FF0D5E9901}" = Toshiba TEMPRO

"{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}" = TOSHIBA Supervisor Password

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator

"{BD11E3C6-065E-40BB-A129-435C4530A159}_is1" = Jewel Master - Cradle Of Rome

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition

"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0387727-C89D-4774-B643-B9333EAA09DE}" = TOSHIBA Hardware Setup

"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{E552C39C-C70E-464F-9733-8311331BDD90}" = Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2012

"{E6098043-1183-4580-89EF-423CBF807188}" = pdfforge Toolbar v4.6

"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher

"{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}" = eBay

"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Autodesk Inventor Fusion Plugin for AutoCAD 2012

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree

"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012

"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack

"7-Zip" = 7-Zip 9.20

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Akamai" = Akamai NetSession Interface

"AutoCAD 2012 - Deutsch" = AutoCAD 2012 - Deutsch

"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012

"Autodesk Inventor Fusion Plugin for AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012

"CCleaner" = CCleaner

"ESET Online Scanner" = ESET Online Scanner v3

"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Toshiba Photo Service - powered by myphotobook

"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.2

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908

"HDMI" = Intel(R) Graphics Media Accelerator Driver

"InstallShield_{342126B2-10D5-409E-884B-245347A497E1}" = TOSHIBA Bulletin Board

"InstallShield_{42451051-52B5-4D74-920A-BB49861D7253}" = TOSHIBA ReelTime

"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder

"InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility

"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition

"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert

"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher

"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"LTMOH" = LSI V92 MOH Application

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"Microsoft Security Client" = Microsoft Security Essentials

"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)

"Opera 11.50.1074" = Opera 11.50

"RocketDock_is1" = RocketDock 1.3.5

"SplashupLight.8F84E54D18819F0C71CA15FE192C56A89F17989F.1" = Splashup Light

"ST4UNST #1" = Visual Basic 4 Runtime Files

"ST4UNST #2" = Runtime Files Pack 3

"SUPER ©" = SUPER © Version 2009.bld.36 (June 10, 2009)

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"TeamViewer 5" = TeamViewer 5

"TOSHIBA Software Modem" = TOSHIBA Software Modem

"Uninstall_is1" = Uninstall 1.0.0.1

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = WinRAR

"World of Warcraft" = World of Warcraft

"Xfire" = Xfire (remove only)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"TeamSpeak 3 Client" = TeamSpeak 3 Client

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 16.11.2010 14:28:09 | Computer Name = ****-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 16.11.2010 14:29:02 | Computer Name = ****-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 19.11.2010 13:05:53 | Computer Name = ****-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 19.11.2010 13:06:36 | Computer Name = *****-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 21.11.2010 14:48:31 | Computer Name = ****-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 21.11.2010 14:49:13 | Computer Name = ****-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 30.11.2010 01:39:45 | Computer Name = ****-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 30.11.2010 01:40:31 | Computer Name = ****-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

Error - 01.12.2010 12:42:11 | Computer Name = *****-TOSH | Source = SideBySide | ID = 16842815

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files\Common

 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei

 "c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.

Der

 Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs

 im assemblyIdentity-Element ist ungültig.

 

Error - 01.12.2010 12:42:55 | Computer Name = ****-TOSH | Source = SideBySide | ID = 16842785

Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows

 live\messenger\wlcsdk.exe".  Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""

 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm

 "sxstrace.exe".

 

[ Media Center Events ]

Error - 23.01.2010 09:47:39 | Computer Name = ****-TOSH | Source = MCUpdate | ID = 0

Description = 14:47:39 - Fehler beim Herstellen der Internetverbindung.  14:47:39 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 23.01.2010 09:47:45 | Computer Name = ****-TOSH | Source = MCUpdate | ID = 0

Description = 14:47:44 - Fehler beim Herstellen der Internetverbindung.  14:47:44 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 02.02.2010 21:27:34 | Computer Name = ****-TOSH | Source = MCUpdate | ID = 0

Description = 02:27:34 - Fehler beim Herstellen der Internetverbindung.  02:27:34 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 02.02.2010 21:27:43 | Computer Name = Sarah-TOSH | Source = MCUpdate | ID = 0

Description = 02:27:39 - Fehler beim Herstellen der Internetverbindung.  02:27:39 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 12:10:21 | Computer Name = ****-TOSH | Source = MCUpdate | ID = 0

Description = 17:10:21 - Fehler beim Herstellen der Internetverbindung.  17:10:21 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 12:10:31 | Computer Name = *****-TOSH | Source = MCUpdate | ID = 0

Description = 17:10:26 - Fehler beim Herstellen der Internetverbindung.  17:10:26 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 13:10:37 | Computer Name = *****-TOSH | Source = MCUpdate | ID = 0

Description = 18:10:37 - Fehler beim Herstellen der Internetverbindung.  18:10:37 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 13:10:44 | Computer Name = ****-TOSH | Source = MCUpdate | ID = 0

Description = 18:10:42 - Fehler beim Herstellen der Internetverbindung.  18:10:42 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 14:10:50 | Computer Name = ****-TOSH | Source = MCUpdate | ID = 0

Description = 19:10:50 - Fehler beim Herstellen der Internetverbindung.  19:10:50 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.02.2010 14:10:56 | Computer Name = ****-TOSH | Source = MCUpdate | ID = 0

Description = 19:10:55 - Fehler beim Herstellen der Internetverbindung.  19:10:55 

-     Serververbindung konnte nicht hergestellt werden..  

 

[ System Events ]

Error - 08.10.2011 12:01:09 | Computer Name = ****-TOSH | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

Error - 09.10.2011 10:24:46 | Computer Name = *****-TOSH | Source = Microsoft Antimalware | ID = 3002

Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 

0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842

 

Error - 09.10.2011 10:26:42 | Computer Name = *****-TOSH | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

Error - 09.10.2011 10:45:42 | Computer Name = ****-TOSH | Source = Service Control Manager | ID = 7031

Description = Der Dienst "Microsoft Antimalware Service" wurde unerwartet beendet.

 Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 15000

 Millisekunden durchgeführt: Neustart des Diensts.

 

Error - 09.10.2011 10:46:07 | Computer Name = ****-TOSH | Source = Microsoft Antimalware | ID = 3002

Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%886     Fehlercode: 

0x8007045b     Fehlerbeschreibung: Der Computer wird heruntergefahren.      Ursache: %%892

 

Error - 09.10.2011 10:46:07 | Computer Name = *****-TOSH | Source = Service Control Manager | ID = 7023

Description = Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler

 beendet:   %%-2147416365

 

Error - 09.10.2011 10:47:20 | Computer Name = ****-TOSH | Source = Microsoft Antimalware | ID = 3002

Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 

0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842

 

Error - 09.10.2011 10:49:16 | Computer Name = ****-TOSH | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%2

 

Error - 09.10.2011 11:37:32 | Computer Name = ****-TOSH | Source = ipnathlp | ID = 31004

Description = 

 

Error - 09.10.2011 12:05:40 | Computer Name = *****-TOSH | Source = ipnathlp | ID = 31004

Description = 

 

 

< End of report >

Code:

OTL logfile created on: 09.10.2011 21:11:35 - Run 3

OTL by OldTimer - Version 3.2.26.5     Folder = C:\Users\****\Desktop\Tools

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

2,87 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 48,97% Memory free

5,74 Gb Paging File | 4,36 Gb Available in Paging File | 75,87% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 116,29 Gb Total Space | 15,94 Gb Free Space | 13,71% Space Free | Partition Type: NTFS

Drive D: | 116,21 Gb Total Space | 44,89 Gb Free Space | 38,63% Space Free | Partition Type: NTFS

Drive F: | 3,80 Gb Total Space | 3,74 Gb Free Space | 98,49% Space Free | Partition Type: FAT32

 

Computer Name: SARAH-TOSH | User Name: ****| Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.10.09 16:48:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011.10.07 17:48:57 | 004,611,456 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

PRC - [2011.08.19 23:28:21 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Sarah\Desktop\Tools\OTL.exe

PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe

PRC - [2011.06.15 15:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe

PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

PRC - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe

PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010.03.22 17:36:48 | 000,356,352 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\TSR\xDaemon.exe

PRC - [2009.12.16 10:14:52 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

PRC - [2009.08.11 11:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe

PRC - [2009.08.10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFIWmxSvcs.exe

PRC - [2009.08.06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe

PRC - [2009.08.06 15:02:02 | 000,029,528 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe

PRC - [2009.08.05 14:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe

PRC - [2009.08.05 14:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe

PRC - [2009.08.03 18:16:50 | 001,021,272 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe

PRC - [2009.08.03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

PRC - [2009.07.28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe

PRC - [2009.07.07 09:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\RSelect\RSelSvc.exe

PRC - [2009.03.27 18:10:56 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe

PRC - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe

PRC - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.10.09 16:48:11 | 001,015,256 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll

MOD - [2011.10.09 16:47:44 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2011.09.26 20:19:32 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll

MOD - [2011.08.21 21:01:26 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2011.08.21 21:01:26 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2011.08.21 21:01:25 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

MOD - [2011.06.19 03:18:03 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll

MOD - [2010.03.22 17:36:48 | 000,356,352 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\TSR\xDaemon.exe

MOD - [2010.03.19 10:06:44 | 000,262,144 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\UI\xManager\001\HP_T009.dll

MOD - [2009.10.06 14:09:16 | 000,400,896 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\UI\xManager\xTools.dll

MOD - [2009.09.01 15:14:12 | 000,457,728 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\UI\xManager\xUtility.dll

MOD - [2009.08.16 18:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll

MOD - [2009.08.03 18:17:24 | 000,079,192 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

MOD - [2009.07.29 15:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll

MOD - [2009.07.16 15:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll

MOD - [2009.07.16 15:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll

MOD - [2009.06.22 15:38:40 | 000,015,160 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll

MOD - [2009.03.12 19:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll

MOD - [2007.09.02 14:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.exe

MOD - [2007.09.02 14:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files\RocketDock\RocketDock.dll

MOD - [2006.10.07 12:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [On_Demand | Stopped] --  -- (gusvc)

SRV - File not found [On_Demand | Stopped] --  -- (gupdatem) Google Update-Dienst (gupdatem)

SRV - File not found [Auto | Stopped] --  -- (gupdate) Google Update Service (gupdate)

SRV - [2011.09.22 14:57:21 | 003,542,616 | ---- | M] () [Auto | Running] -- c:\Program Files\Common Files\Akamai\netsession_win_b31de1e.dll -- (Akamai)

SRV - [2011.08.27 15:45:45 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)

SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)

SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)

SRV - [2011.02.02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)

SRV - [2010.11.20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)

SRV - [2009.12.16 19:26:00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)

SRV - [2009.12.16 10:14:52 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)

SRV - [2009.08.17 10:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\Toshiba\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)

SRV - [2009.08.10 19:55:46 | 000,185,712 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)

SRV - [2009.08.06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)

SRV - [2009.08.05 14:18:50 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)

SRV - [2009.08.03 18:16:32 | 000,111,960 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)

SRV - [2009.07.28 15:43:04 | 000,128,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)

SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009.07.07 09:37:32 | 000,062,832 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe -- (RSELSVC)

SRV - [2009.03.27 18:10:56 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2009.03.10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2011.10.09 16:47:01 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D2A1EC98-0344-4A94-BFAD-DC5B97FE8905}\MpKsl643bf401.sys -- (MpKsl643bf401)

DRV - [2011.10.09 16:24:12 | 000,028,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D2A1EC98-0344-4A94-BFAD-DC5B97FE8905}\MpKsl023fd5b3.sys -- (MpKsl023fd5b3)

DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2011.04.27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)

DRV - [2011.04.18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)

DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010.10.13 22:50:00 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)

DRV - [2010.03.31 03:13:28 | 000,379,904 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B)

DRV - [2010.03.19 14:35:02 | 000,011,264 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpCft001.sys -- (HpCft001)

DRV - [2009.07.30 17:45:56 | 000,022,912 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV - [2009.07.24 15:57:06 | 000,275,536 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)

DRV - [2009.07.21 14:18:58 | 001,161,760 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2009.07.14 15:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)

DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\atikmdag.sys -- (atikmdag)

DRV - [2009.07.07 08:53:06 | 000,007,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\system32\DRIVERS\FwLnk.sys -- (FwLnk)

DRV - [2009.06.24 18:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)

DRV - [2009.06.22 17:04:58 | 000,024,064 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PGEffect.sys -- (PGEffect)

DRV - [2006.04.06 02:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 

IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Value error. File not found

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: "ICQ Search"

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"

FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:7.0.0

FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.6

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?sourceid=navclient&hl=de&ie=UTF-8"

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.09 16:48:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.09 16:48:13 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Sarah\AppData\Roaming\5018 [2011.06.14 22:02:58 | 000,000,000 | ---D | M]

 

[2009.11.22 22:58:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions

[2011.10.08 21:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions

[2011.10.07 17:49:45 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}

[2010.06.19 00:46:19 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\3fglo34o.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2011.10.09 16:58:24 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\3fglo34o.default\searchplugins\icqplugin-1.xml

[2011.09.09 21:37:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2011.08.21 20:32:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011.09.04 13:58:22 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM

[2011.08.21 20:31:54 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011.07.08 07:04:02 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.07.08 07:04:02 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2011.07.08 07:04:02 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.07.08 07:04:02 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.07.08 07:04:02 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2011.08.20 12:56:46 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1       localhost

O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - Reg Error: Value error. File not found

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [HP Input Device Main Program] C:\Program Files\Hewlett-Packard\HP 2.4GHz Wireless Laser Comfort Mouse\TSR\xDaemon.exe ()

O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TosSENotify] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)

O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)

O4 - HKCU..\Run: [PlayNC Launcher]  File not found

O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()

O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 2

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Sarah\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - igfxdev.dll (Intel Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2011.08.27 06:12:28 | 000,000,000 | ---D | M] - D:\Autodesk -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.10.02 16:37:58 | 000,000,000 | ---D | C] -- C:\Users\Sarah\riotsGamesLogs

[2011.10.02 16:37:31 | 000,000,000 | ---D | C] -- C:\Users\Sarah\AppData\Roaming\LolClient

[2011.10.02 15:13:14 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll

[2011.10.02 15:13:14 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll

[2011.10.02 15:13:13 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll

[2011.10.02 15:13:13 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll

[2011.10.02 15:13:11 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll

[2011.10.02 15:09:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games

[2011.10.02 12:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAESTIA

[2011.09.25 22:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\Skype

[1 C:\Users\Sarah\AppData\Roaming\*.tmp files -> C:\Users\****\AppData\Roaming\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.10.09 20:20:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011.10.09 17:49:36 | 000,693,632 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2011.10.09 17:49:36 | 000,649,606 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011.10.09 17:49:36 | 000,146,098 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2011.10.09 17:49:36 | 000,119,636 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011.10.09 16:54:18 | 000,016,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.10.09 16:54:18 | 000,016,080 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.10.09 16:47:02 | 000,000,360 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Sarah-Startup.job

[2011.10.09 16:46:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.10.09 16:46:46 | 2312,101,888 | -HS- | M] () -- C:\hiberfil.sys

[2011.10.09 02:17:47 | 000,000,042 | ---- | M] () -- C:\Users\Sarah\Documents\aionmemo_c1b89fb0.dat

[2011.09.26 20:19:33 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[1 C:\Users\Sarah\AppData\Roaming\*.tmp files -> C:\Users\Sarah\AppData\Roaming\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.09.10 23:57:29 | 000,000,042 | ---- | C] () -- C:\Users\****\Documents\aionmemo_c1b89fb0.dat

[2011.09.04 13:57:27 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll

[2011.08.27 15:46:04 | 000,000,147 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2011.05.08 23:28:18 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2011.04.26 21:37:17 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat

[2011.04.26 21:37:17 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat

[2011.04.16 18:51:16 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll

[2011.03.21 13:22:06 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2010.12.11 19:13:35 | 000,000,232 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2010.06.08 17:15:22 | 000,000,000 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\chrtmp

[2010.05.03 18:08:57 | 000,000,576 | ---- | C] () -- C:\Users\Sarah\AppData\Roaming\wklnhst.dat

[2010.03.18 01:10:03 | 000,097,312 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin

[2010.01.26 00:51:18 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll

[2010.01.26 00:51:18 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll

[2010.01.26 00:51:18 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll

[2009.12.17 23:21:16 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2009.12.12 21:51:39 | 000,083,968 | ---- | C] () -- C:\Windows\UnGins.exe

[2009.11.07 21:37:00 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2009.09.07 07:51:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2009.09.07 07:51:46 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2009.08.27 07:57:38 | 000,982,220 | ---- | C] () -- C:\Windows\System32\igkrng500.bin

[2009.08.27 07:57:38 | 000,439,300 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin

[2009.08.27 07:57:38 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin

[2009.08.27 07:57:38 | 000,092,216 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin

[2009.07.14 10:47:43 | 000,693,632 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2009.07.14 10:47:43 | 000,146,098 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat

[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 06:33:53 | 000,489,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2009.07.14 04:05:48 | 000,649,606 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2009.07.14 04:05:48 | 000,119,636 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

 
 ========== LOP Check ==========

 

[2011.06.12 03:11:26 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\5017

[2011.06.14 22:02:58 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\5018

[2011.09.04 13:26:18 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Autodesk

[2011.09.21 01:25:42 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DVDVideoSoft

[2011.05.16 23:57:29 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\DVDVideoSoftIEHelpers

[2009.11.15 12:58:43 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\FloodLightGames

[2010.02.11 21:57:38 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\FOG Downloader

[2010.06.19 00:46:17 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\gtk-2.0

[2011.05.16 22:33:30 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ICQ

[2011.06.11 22:37:30 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\kock

[2011.10.02 16:37:31 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\LolClient

[2010.06.19 00:46:19 | 000,000,000 | -HSD | M] -- C:\Users\****\AppData\Roaming\My Security Engine

[2011.08.03 21:06:10 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Opera

[2010.06.18 00:00:17 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Regu

[2009.12.08 22:45:39 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\SplashupLight.8F84E54D18819F0C71CA15FE192C56A89F17989F.1

[2010.05.02 20:05:54 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TeamViewer

[2010.05.03 18:08:58 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Template

[2011.08.03 21:14:37 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Thunderbird

[2009.11.16 13:48:06 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\Toshiba

[2011.05.13 20:37:33 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\TS3Client

[2011.06.01 14:31:28 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\ts3overlay

[2011.08.03 20:53:33 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\UAs

[2011.08.03 20:53:33 | 000,000,000 | ---D | M] -- C:\Users\****\AppData\Roaming\xmldm

[2011.06.23 17:35:01 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011.10.09 16:47:02 | 000,000,360 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-****-Startup.job

 
 ========== Purity Check ==========

 

 
 

< End of report >

Auffälligkeiten: habe keine entdecken können
Probleme auch keine.

Der derzeitige Stand: meine Suchmaschinen funktionieren wieder fehlerfrei.
Der Pc ist auch insgesamt ein bisschen schneller geworden. Auch nur minimal.

LG Firi

PS.: Ich entschuldige mich dafür, dass es so lange gedauert hat aber ich hatte mit einigen Schicksalsschlägen zu tun gehabt.