Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Ist das Malware oder ähnliches?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.09.2010, 10:51   #1
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Guten Abend,

mein Laptop hat in den letzten Tagen ein paar seltsame Dinge gemacht - gestern und heute war zwei Mal plötzlich nach Wiedereinschalten der McAfee deaktiviert, gestern hatte ich den Eindruck, der Laptop ging mach dem zuklappen von allein wieder an (?!), eine WORD-Datei ist in der Bibliothek nicht zu finden, obwohl unter documents vorhanden, der McAfee Virtual Technician erkennt keine McAfee-Software.

Ich hab mit Spybot fünf Probleme (fünf Cookies) gefunden, Malwarebites fand nichts und GMER lässt sich nicht starten. (Kann nicht auf Datei zugreifen) !

Hier meine Dateien:

Code:
ATTFilter
OTL logfile created on: 02.09.2010 22:59:58 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 118,36 Gb Free Space | 79,42% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 142,09 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-TOSH
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.09.02 21:47:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2010.06.10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.11.04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
PRC - [2009.10.29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee.com\agent\mcagent.exe
PRC - [2009.10.27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
PRC - [2009.10.02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
PRC - [2009.08.12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2009.07.14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009.07.08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
PRC - [2009.07.07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
PRC - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009.01.23 10:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009.01.13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.09.02 21:47:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009.01.23 10:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.08.27 14:38:22 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009.08.05 15:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009.08.04 12:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009.08.03 18:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.07.30 00:54:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2010.06.10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.11.04 17:47:32 | 000,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009.11.04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe -- (McSysmon)
SRV - [2009.10.28 12:50:32 | 000,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009.10.27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009.10.02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009.08.17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.08.10 20:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.08.06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009.07.14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009.07.08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe -- (McProxy)
SRV - [2009.07.07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe -- (McNASvc)
SRV - [2009.05.22 20:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009.01.23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.07.15 15:18:22 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2009.11.04 17:54:06 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009.11.04 17:54:06 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009.11.04 17:54:06 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009.11.04 17:47:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009.08.26 19:11:12 | 000,942,080 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.30 13:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.24 16:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.07.20 18:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.22 18:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.19 20:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.22 22:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.05.20 19:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010.03.03 00:43:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.07.30 19:16:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010.01.29 20:46:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.01.29 20:46:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.02 21:48:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.02 17:29:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2010.09.02 17:20:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Citrix
[2010.09.02 17:19:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apps
[2010.09.02 17:19:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Deployment
[2010.09.02 16:02:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\McAfee
[2010.09.02 14:38:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.09.02 14:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.09.02 13:25:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.09.02 13:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.02 13:24:52 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.02 13:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.25 09:51:48 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010.08.11 14:04:10 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.11 14:04:09 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.08.11 14:04:09 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.08.11 14:04:04 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.11 14:04:04 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.11 14:04:03 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.11 14:04:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.11 14:04:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.11 14:04:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.11 14:03:57 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.11 14:03:57 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.11 14:03:57 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.02 23:01:33 | 002,097,152 | -HS- | M] () -- C:\Users\***\ntuser.dat
[2010.09.02 22:53:38 | 000,014,707 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010.09.02 22:20:02 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.02 21:48:47 | 000,001,020 | ---- | M] () -- C:\Users\***\Documents\Malwarebytes' Anti-Malware.lnk
[2010.09.02 21:30:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.02 18:25:59 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.02 18:25:59 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.02 18:23:08 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.02 18:23:08 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.02 18:23:08 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.02 18:23:08 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.02 18:23:08 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.02 18:15:02 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.02 18:14:53 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.02 18:14:43 | 3193,602,048 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.02 18:13:54 | 002,744,283 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.09.02 18:12:46 | 000,006,702 | ---- | M] () -- C:\Users\***\Documents\Dokument_c.rtf
[2010.09.02 17:20:43 | 000,103,784 | ---- | M] () -- C:\Users\***\GoToAssistDownloadHelper.exe
[2010.09.02 14:38:10 | 000,001,269 | ---- | M] () -- C:\Users\***\Documents\Spybot - Search & Destroy.lnk
[2010.09.02 10:53:14 | 000,149,190 | ---- | M] () -- C:\Users\***\Documents\2010_09rechnung_4960811584.pdf
[2010.09.01 15:37:45 | 000,006,664 | ---- | M] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2010.09.01 01:22:22 | 000,031,232 | ---- | M] () -- C:\Users\***\Documents\Guten Aben1.doc
[2010.09.01 01:19:32 | 000,024,064 | ---- | M] () -- C:\Users\***\Documents\TEST.doc
[2010.09.01 01:16:32 | 000,008,250 | ---- | M] () -- C:\Users\***\Documents\Dokument___.rtf
[2010.09.01 01:01:33 | 000,031,232 | ---- | M] () -- C:\Users\***\Documents\Guten Abend.doc
[2010.09.01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2010.08.29 14:08:41 | 000,002,606 | ---- | M] () -- C:\Users\***\Documents\entwurf_forum_____.rtf
[2010.08.19 18:18:10 | 000,002,839 | ---- | M] () -- C:\Users\***\Documents\Mi_.rtf
[2010.08.18 19:12:01 | 000,000,785 | ---- | M] () -- C:\Users\***\Documents\mail_am.rtf
[2010.08.15 16:29:39 | 000,000,655 | ---- | M] () -- C:\Users\***\Documents\entwurf-.rtf
[2010.08.15 15:25:47 | 000,026,624 | ---- | M] () -- C:\Users\***\Documents\entwurf_xy.doc
[2010.08.15 12:02:25 | 000,024,064 | ---- | M] () -- C:\Users\***\Documents\entwurf_naja.doc
[2010.08.14 23:40:45 | 000,026,624 | ---- | M] () -- C:\Users\***\Documents\entwurf_leben....doc
[2010.08.13 16:23:22 | 000,020,480 | ---- | M] () -- C:\Users\***\Documents\Ich bin wütend auf.doc
[2010.08.13 14:53:24 | 000,002,016 | ---- | M] () -- C:\Users\***\Documents\entw_f....rtf
[2010.08.12 11:45:34 | 000,343,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.09 17:17:02 | 000,069,497 | ---- | M] () -- C:\Users\***\Documents\INBOX.msf
[2010.08.09 15:39:00 | 010,852,068 | ---- | M] () -- C:\Users\***\Documents\Neuer ZIP-komprimierter Ordner (2).zip
[2010.08.09 13:50:22 | 004,961,538 | ---- | M] () -- C:\Users\***\Documents\Archives-1
[2010.08.08 11:17:11 | 007,782,436 | ---- | M] () -- C:\Users\***\Documents\Neuer ZIP-komprimierter Ordner.zip
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.02 21:48:47 | 000,001,020 | ---- | C] () -- C:\Users\***\Documents\Malwarebytes' Anti-Malware.lnk
[2010.09.02 18:12:46 | 000,006,702 | ---- | C] () -- C:\Users\***\Documents\Dokument_c.rtf
[2010.09.02 17:20:42 | 000,103,784 | ---- | C] () -- C:\Users\***\GoToAssistDownloadHelper.exe
[2010.09.02 14:38:10 | 000,001,269 | ---- | C] () -- C:\Users\***\Documents\Spybot - Search & Destroy.lnk
[2010.09.02 10:53:14 | 000,149,190 | ---- | C] () -- C:\Users\***\Documents\***.pdf
[2010.09.01 01:22:22 | 000,031,232 | ---- | C] () -- C:\Users\***\Documents\***.doc
[2010.09.01 01:19:32 | 000,024,064 | ---- | C] () -- C:\Users\***\Documents\***.doc
[2010.09.01 01:16:32 | 000,008,250 | ---- | C] () -- C:\Users\***\Documents\***.rtf
[2010.08.31 23:12:11 | 000,031,232 | ---- | C] () -- C:\Users\***\Documents\***.doc
[2010.08.29 10:48:40 | 000,002,606 | ---- | C] () -- C:\Users\***\Documents\***.rtf
[2010.08.19 18:17:11 | 000,002,839 | ---- | C] () -- C:\Users\***\Documents\***.rtf
[2010.08.18 19:12:01 | 000,000,785 | ---- | C] () -- C:\Users\***\Documents\***.rtf
[2010.08.15 15:36:10 | 000,000,655 | ---- | C] () -- C:\Users\***\Documents\***.rtf
[2010.08.15 12:15:45 | 000,026,624 | ---- | C] () -- C:\Users\***\Documents\***.doc
[2010.08.15 12:02:24 | 000,024,064 | ---- | C] () -- C:\Users\***\Documents\***.doc
[2010.08.14 23:03:09 | 000,026,624 | ---- | C] () -- C:\Users\***\Documents\***.doc
[2010.08.13 16:00:55 | 000,020,480 | ---- | C] () -- C:\Users\***\Documents\***.doc
[2010.08.11 18:07:31 | 000,002,016 | ---- | C] () -- C:\Users\***\Documents\***.rtf
[2010.08.09 19:02:00 | 004,961,538 | ---- | C] () -- C:\Users\***\Documents\***
[2010.08.09 15:38:50 | 010,852,068 | ---- | C] () -- C:\Users\***\Documents\Neuer ZIP-komprimierter Ordner (2).zip
[2010.08.08 11:16:52 | 007,782,436 | ---- | C] () -- C:\Users\***\Documents\Neuer ZIP-komprimierter Ordner.zip
[2009.12.27 18:14:32 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.24 18:06:15 | 000,006,664 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
 
========== LOP Check ==========
 
[2010.08.28 10:14:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2009.12.24 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2010.08.09 19:48:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.07.16 08:33:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Toshiba
[2009.12.24 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WildTangent
[2010.06.15 01:00:00 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2010.09.01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2010.08.11 11:14:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 02.09.2010 22:59:58 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 118,36 Gb Free Space | 79,42% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 142,09 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-TOSH
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FB2E75A-1024-331F-77EF-D45F71505D58}" = ATI Catalyst Install Manager
"{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9EE58CAC-21D5-1412-F0F2-CB9CD8834B59}" = ccc-utility64
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0163E195-D5EF-BF70-CBEE-73AA7CBBBEEE}" = CCC Help Thai
"{03883959-80DA-6151-CEAE-46A058CF774F}" = CCC Help Danish
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0823A2E3-69DD-A37A-7CD9-1CBEB037545C}" = Toshiba Photo Service - powered by myphotobook
"{096D1CCF-0F1E-08FB-094F-C40A633D5AEB}" = ccc-core-static
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{13D0EB07-FCA0-C005-A6C5-B1A4B7E5BB48}" = Catalyst Control Center Core Implementation
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1D4A3E7D-A580-5BB7-DED3-48508A53D2B2}" = CCC Help Chinese Standard
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22354A21-BE84-0D40-191D-6E530B715CCF}" = CCC Help Polish
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25F60491-F5AB-4985-9354-37C146783F35}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}" = Skype(TM) Launcher
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2F36BA32-7986-9E40-B3F6-908B214EC898}" = CCC Help Japanese
"{2F4A39B2-5A2D-3E9F-E8EA-6F891A097ACF}" = CCC Help English
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DBE8669-1F7D-E1C9-2BC8-CC4BAE0A5136}" = CCC Help Turkish
"{3FF5FF03-DB97-2ACE-BAE7-61D6D4A39F9B}" = Catalyst Control Center Graphics Full Existing
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4CEE0E9F-2116-BE92-CD54-8D1834935B54}" = Catalyst Control Center Localization All
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5DD59391-FED6-576D-B6BD-71111EF96522}" = CCC Help Russian
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6168260A-6D56-50BB-193C-BF6F471394AA}" = CCC Help Greek
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6A150790-FC79-D323-92D4-E773E3A03789}" = CCC Help Portuguese
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6CB88B54-4C1C-E6AB-49C6-476DE56327BC}" = CCC Help Spanish
"{6DE880FE-F0C9-BC57-B7C5-2ABEAE1E501E}" = CCC Help German
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{79660B73-3DD0-9C3D-3F29-0E266F3AE5EA}" = CCC Help Norwegian
"{81E5E076-F2C1-AE09-A360-0CAC2967FD5F}" = CCC Help Swedish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{986CAA52-3249-B34F-DC64-07347926CF57}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E4FF410-471F-49E3-9358-74FF0D5E9901}" = Toshiba TEMPRO
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.de
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5B8BA5D-55CA-9351-984B-048FEF97A544}" = Catalyst Control Center Graphics Previews Vista
"{B6DECBD2-EC09-17C3-35AE-8C72B08062C9}" = CCC Help Czech
"{BF3AB290-563B-2F6F-9AF0-189B5CCF2C01}" = Catalyst Control Center Graphics Light
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C644BA4B-07D6-A67E-9EB4-157F6DEB68BE}" = CCC Help Chinese Traditional
"{D0831990-FF97-1F08-668D-4743CC32EFBC}" = CCC Help Finnish
"{D121161E-AD64-4438-97A0-66A1AB7FFDE3}" = Works Suite-Betriebssystem-Pack
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D9835CE0-E294-83FE-AF9F-BC113A0D2EA9}" = CCC Help Hungarian
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E25FA4E1-678F-414F-9777-1E3FDBBDA4D1}" = Catalyst Control Center InstallProxy
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}" = eBay
"{E8B28EF5-2A73-03A7-4F02-2DFF1D182940}" = Catalyst Control Center Graphics Full New
"{E94F833D-6435-40A2-112C-4BC18100B91D}" = CCC Help Italian
"{ED5EDCD0-5745-4B13-8061-58C9833FD06D}" = Microsoft Works 6.0
"{EEA02668-D5D9-AEFF-6FFB-1EB5BC765A52}" = CCC Help French
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FCD674E3-F281-46D6-7717-6EAFDD16D8FC}" = CCC Help Dutch
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Toshiba Photo Service - powered by myphotobook
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MM Eisenbahn-Bildschirmschoner V3" = MM Eisenbahn-Bildschirmschoner V3
"Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6)
"MSC" = McAfee SecurityCenter
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
"Works2002Setup" = Microsoft Works 2002-Setup-Start
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 22.08.2010 17:13:22 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 03:21:23 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 05:15:01 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 06:19:07 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 08:02:31 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 09:04:13 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 10:45:17 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 12:23:29 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 13:30:12 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 27.08.2010 08:46:27 | Computer Name = ***-TOSH | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
[ System Events ]
Error - 13.07.2010 04:07:55 | Computer Name = ***-TOSH | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 13.07.2010 04:07:55 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 05:29:36 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 05:57:42 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 08:12:34 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 12:54:03 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 13:55:57 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 17:22:13 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 14.07.2010 02:46:41 | Computer Name = ***-TOSH | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 14.07.2010 02:46:41 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >
         
Kann das was mit Viren, Malware, Trojanern, Hackern usw. zu tun haben oder sind es nur Kleinigkeiten?

Mfg Habefrage

Hallo, habe noch Ergänzungen:

- Ich meine, ich habe das Programm OTL nicht "als Administrator" ausgeführt, sonder normal, ich hoffe das macht nichts?
- Vor einigen Wochen (zwei, drei Monaten) hatte ich mal plötzlich (ohne das ich was gemacht hab in dem Moment) einen Komplettabsturz und danach ist mir dann beim hochfahren eine Meldung aufgefallen, die mir vorher nicht aufggefallen war - hab ich bis heute - so in etwa: For Realtek (Zahlen) Ethernet Controller - Media Test Failure check cable - Exiting PCM ROM oder so ähnlich. Kann das was mit Malware/Viren/Hacker zu tun haben?
- Die Fehlermeldung bei GMER ist, dass die Datei C:\Windows\System32\Config\system nicht gelesen werden kann.

Hoffe, es hilft mir jemand, ob das ein Viren/Malware/Hacker Problem sein kann?

Mfg

Alt 05.09.2010, 16:42   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Zitat:
Malwarebites fand nichts und GMER lässt sich nicht starten. (Kann nicht auf Datei zugreifen) !
Trotzdem bitte das Log posten

Zitat:
- Ich meine, ich habe das Programm OTL nicht "als Administrator" ausgeführt, sonder normal, ich hoffe das macht nichts?
Bei Vista/7 muss man alle Tools per Rechtsklick als Admin ausführen

Zitat:
so in etwa: For Realtek (Zahlen) Ethernet Controller - Media Test Failure check cable - Exiting PCM ROM oder so ähnlich. Kann das was mit Malware/Viren/Hacker zu tun haben?
nein

Zitat:
- Die Fehlermeldung bei GMER ist, dass die Datei C:\Windows\System32\Config\system nicht gelesen werden kann.
Weil auch das Tool volle Rechte braucht
__________________

__________________

Alt 05.09.2010, 17:05   #3
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Zitat:
Trotzdem bitte das Log posten
Hier nochmal von gestern (nochmal gemacht):

Code:
ATTFilter
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4536

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

03.09.2010 20:43:08
mbam-log-2010-09-03 (20-43-08).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 248138
Laufzeit: 42 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
Zitat:
Bei Vista/7 muss man alle Tools per Rechtsklick als Admin ausführen
Es ging ja offensichtlich (log s.o.) oder muss/soll ich es jetzt nochmal machen?

Zitat:
Weil auch das Tool volle Rechte braucht
Egal, ob als Administrator oder nicht, ich bekomme immer diese Fehlermeldung.

Danke und mfg
__________________

Alt 05.09.2010, 17:43   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Zitat:
Egal, ob als Administrator oder nicht, ich bekomme immer diese Fehlermeldung.
Ach sorry, ich bin doof
Du hast ein 64-Windows, da geht kein GMER und das braucht es auch nicht, weil 64-Bit-Windows-Versionen einen besonderen Schutz haben, bei dem mW bisher kein Rootkit möglich war.
Und ja, OTL bitte nochmal als Admin starten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.09.2010, 18:15   #5
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



O.K. - hier noch mal die OTL-Files:

Code:
ATTFilter
OTL logfile created on: 05.09.2010 19:00:53 - Run 4
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 118,09 Gb Free Space | 79,23% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 142,09 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-TOSH
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.09.02 21:47:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
PRC - [2010.06.10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.11.04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
PRC - [2009.10.29 07:54:44 | 001,218,008 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2009.10.27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
PRC - [2009.10.02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
PRC - [2009.08.12 11:30:42 | 006,203,296 | ---- | M] (TOSHIBA) -- C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2009.07.14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009.07.08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
PRC - [2009.07.07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
PRC - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009.01.23 10:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009.01.13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.09.02 21:47:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\***\Downloads\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009.01.23 10:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files (x86)\McAfee\SiteAdvisor\saHook.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.08.27 14:38:22 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009.08.05 15:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009.08.04 12:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009.08.03 18:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.07.30 00:54:22 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2010.06.10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.11.04 17:47:32 | 000,155,456 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009.11.04 16:59:50 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe -- (McSysmon)
SRV - [2009.10.28 12:50:32 | 000,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009.10.27 12:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009.10.02 14:02:56 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009.08.17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.08.10 20:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.08.06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009.07.14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009.07.08 12:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe -- (McProxy)
SRV - [2009.07.07 20:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe -- (McNASvc)
SRV - [2009.05.22 20:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2009.01.23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.07.15 15:18:22 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2009.11.04 17:54:06 | 000,308,296 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009.11.04 17:54:06 | 000,102,472 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009.11.04 17:54:06 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009.11.04 17:47:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009.08.26 19:11:12 | 000,942,080 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.30 13:07:12 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.24 16:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.07.20 18:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.22 18:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.19 20:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.22 22:52:30 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.05.20 19:04:56 | 000,202,016 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010.03.03 00:43:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.07.30 19:16:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2010.01.29 20:46:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.01.29 20:46:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Programme\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Programme\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Programme\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Programme\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Programme\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll ()
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll ()
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.02 21:48:44 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.02 17:29:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2010.09.02 17:20:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Citrix
[2010.09.02 17:19:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Apps
[2010.09.02 17:19:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Deployment
[2010.09.02 16:02:52 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\McAfee
[2010.09.02 14:38:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.09.02 14:38:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.09.02 13:25:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.09.02 13:24:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.02 13:24:52 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.02 13:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.25 09:51:48 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010.08.11 14:04:10 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.08.11 14:04:09 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.08.11 14:04:09 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.08.11 14:04:04 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.08.11 14:04:04 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.08.11 14:04:03 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.08.11 14:04:03 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.08.11 14:04:03 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.08.11 14:04:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.08.11 14:03:57 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.08.11 14:03:57 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.08.11 14:03:57 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.05 19:01:06 | 002,097,152 | -HS- | M] () -- C:\Users\***\ntuser.dat
[2010.09.05 18:55:06 | 000,014,707 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2010.09.05 18:20:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.05 18:16:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.05 17:48:12 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.05 17:48:12 | 000,016,080 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.05 14:17:08 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.05 11:13:34 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.05 11:13:34 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.09.05 11:13:34 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.05 11:13:34 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.09.05 11:13:34 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.05 11:08:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.05 11:08:47 | 3193,602,048 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.04 00:40:11 | 002,747,066 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.09.02 21:48:47 | 000,001,020 | ---- | M] () -- C:\Users\***\Documents\Malwarebytes' Anti-Malware.lnk
[2010.09.02 18:12:46 | 000,006,702 | ---- | M] () -- C:\Users\***\Documents\Dokument_c.rtf
[2010.09.02 17:20:43 | 000,103,784 | ---- | M] () -- C:\Users\***\GoToAssistDownloadHelper.exe
[2010.09.02 14:38:10 | 000,001,269 | ---- | M] () -- C:\Users\***\Documents\Spybot - Search & Destroy.lnk
[2010.09.02 10:53:14 | 000,149,190 | ---- | M] () -- C:\Users\***\Documents\2010_09rechnung_4960811584.pdf
[2010.09.01 15:37:45 | 000,006,664 | ---- | M] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2010.09.01 01:22:22 | 000,031,232 | ---- | M] () -- C:\Users\***\Documents\Guten Aben1.doc
[2010.09.01 01:19:32 | 000,024,064 | ---- | M] () -- C:\Users\***\Documents\TEST.doc
[2010.09.01 01:16:32 | 000,008,250 | ---- | M] () -- C:\Users\***\Documents\Dokument___.rtf
[2010.09.01 01:01:33 | 000,031,232 | ---- | M] () -- C:\Users\***\Documents\Guten Abend.doc
[2010.09.01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\tasks\McQcTask.job
[2010.08.29 14:08:41 | 000,002,606 | ---- | M] () -- C:\Users\***\Documents\entwurf_forum_____.rtf
[2010.08.19 18:18:10 | 000,002,839 | ---- | M] () -- C:\Users\***\Documents\Mi_.rtf
[2010.08.18 19:12:01 | 000,000,785 | ---- | M] () -- C:\Users\***\Documents\mail_am.rtf
[2010.08.15 16:29:39 | 000,000,655 | ---- | M] () -- C:\Users\***\Documents\entwurf-.rtf
[2010.08.15 15:25:47 | 000,026,624 | ---- | M] () -- C:\Users\***\Documents\entwurf_xy.doc
[2010.08.15 12:02:25 | 000,024,064 | ---- | M] () -- C:\Users\***\Documents\entwurf_naja.doc
[2010.08.14 23:40:45 | 000,026,624 | ---- | M] () -- C:\Users\***\Documents\entwurf_leben....doc
[2010.08.13 16:23:22 | 000,020,480 | ---- | M] () -- C:\Users\***\Documents\Ich bin wütend auf.doc
[2010.08.13 14:53:24 | 000,002,016 | ---- | M] () -- C:\Users\***\Documents\entw_f....rtf
[2010.08.12 11:45:34 | 000,343,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.09 17:17:02 | 000,069,497 | ---- | M] () -- C:\Users\***\Documents\INBOX.msf
[2010.08.09 15:39:00 | 010,852,068 | ---- | M] () -- C:\Users\***\Documents\Neuer ZIP-komprimierter Ordner (2).zip
[2010.08.09 13:50:22 | 004,961,538 | ---- | M] () -- C:\Users\***\Documents\Archives-1
[2010.08.08 11:17:11 | 007,782,436 | ---- | M] () -- C:\Users\***\Documents\Neuer ZIP-komprimierter Ordner.zip
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.09.02 21:48:47 | 000,001,020 | ---- | C] () -- C:\Users\***\Documents\Malwarebytes' Anti-Malware.lnk
[2010.09.02 18:12:46 | 000,006,702 | ---- | C] () -- C:\Users\***\Documents\Dokument_c.rtf
[2010.09.02 17:20:42 | 000,103,784 | ---- | C] () -- C:\Users\***\GoToAssistDownloadHelper.exe
[2010.09.02 14:38:10 | 000,001,269 | ---- | C] () -- C:\Users\***\Documents\Spybot - Search & Destroy.lnk
[2010.09.02 10:53:14 | 000,149,190 | ---- | C] () -- C:\Users\***\Documents\2010_09rechnung_4960811584.pdf
[2010.09.01 01:22:22 | 000,031,232 | ---- | C] () -- C:\Users\***\Documents\Guten Aben1.doc
[2010.09.01 01:19:32 | 000,024,064 | ---- | C] () -- C:\Users\***\Documents\TEST.doc
[2010.09.01 01:16:32 | 000,008,250 | ---- | C] () -- C:\Users\***\Documents\Dokument___.rtf
[2010.08.31 23:12:11 | 000,031,232 | ---- | C] () -- C:\Users\***\Documents\Guten Abend.doc
[2010.08.29 10:48:40 | 000,002,606 | ---- | C] () -- C:\Users\***\Documents\entwurf_forum_____.rtf
[2010.08.19 18:17:11 | 000,002,839 | ---- | C] () -- C:\Users\***\Documents\Mi_.rtf
[2010.08.18 19:12:01 | 000,000,785 | ---- | C] () -- C:\Users\***\Documents\mail_am.rtf
[2010.08.15 15:36:10 | 000,000,655 | ---- | C] () -- C:\Users\***\Documents\entwurf-.rtf
[2010.08.15 12:15:45 | 000,026,624 | ---- | C] () -- C:\Users\***\Documents\entwurf_xy.doc
[2010.08.15 12:02:24 | 000,024,064 | ---- | C] () -- C:\Users\***\Documents\entwurf_naja.doc
[2010.08.14 23:03:09 | 000,026,624 | ---- | C] () -- C:\Users\***\Documents\entwurf_leben....doc
[2010.08.13 16:00:55 | 000,020,480 | ---- | C] () -- C:\Users\***\Documents\Ich bin wütend auf.doc
[2010.08.11 18:07:31 | 000,002,016 | ---- | C] () -- C:\Users\***\Documents\entw_f....rtf
[2010.08.09 19:02:00 | 004,961,538 | ---- | C] () -- C:\Users\***\Documents\Archives-1
[2010.08.09 15:38:50 | 010,852,068 | ---- | C] () -- C:\Users\***\Documents\Neuer ZIP-komprimierter Ordner (2).zip
[2010.08.08 11:16:52 | 007,782,436 | ---- | C] () -- C:\Users\***\Documents\Neuer ZIP-komprimierter Ordner.zip
[2009.12.27 18:14:32 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.24 18:06:15 | 000,006,664 | ---- | C] () -- C:\Users\***\AppData\Roaming\wklnhst.dat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
 
========== LOP Check ==========
 
[2010.08.28 10:14:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2009.12.24 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Template
[2010.08.09 19:48:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.07.16 08:33:25 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Toshiba
[2009.12.24 19:58:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WildTangent
[2010.06.15 01:00:00 | 000,000,378 | ---- | M] () -- C:\Windows\Tasks\McDefragTask.job
[2010.09.01 01:00:00 | 000,000,348 | ---- | M] () -- C:\Windows\Tasks\McQcTask.job
[2010.08.11 11:14:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 05.09.2010 19:00:53 - Run 4
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\***\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 65,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,04 Gb Total Space | 118,09 Gb Free Space | 79,23% Space Free | Partition Type: NTFS
Drive D: | 148,65 Gb Total Space | 142,09 Gb Free Space | 95,58% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: ***-TOSH
Current User Name: ***
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" File not found
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0FB2E75A-1024-331F-77EF-D45F71505D58}" = ATI Catalyst Install Manager
"{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{9EE58CAC-21D5-1412-F0F2-CB9CD8834B59}" = ccc-utility64
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0163E195-D5EF-BF70-CBEE-73AA7CBBBEEE}" = CCC Help Thai
"{03883959-80DA-6151-CEAE-46A058CF774F}" = CCC Help Danish
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0823A2E3-69DD-A37A-7CD9-1CBEB037545C}" = Toshiba Photo Service - powered by myphotobook
"{096D1CCF-0F1E-08FB-094F-C40A633D5AEB}" = ccc-core-static
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{13D0EB07-FCA0-C005-A6C5-B1A4B7E5BB48}" = Catalyst Control Center Core Implementation
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1D4A3E7D-A580-5BB7-DED3-48508A53D2B2}" = CCC Help Chinese Standard
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22354A21-BE84-0D40-191D-6E530B715CCF}" = CCC Help Polish
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25F60491-F5AB-4985-9354-37C146783F35}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}" = Skype(TM) Launcher
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2F36BA32-7986-9E40-B3F6-908B214EC898}" = CCC Help Japanese
"{2F4A39B2-5A2D-3E9F-E8EA-6F891A097ACF}" = CCC Help English
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DBE8669-1F7D-E1C9-2BC8-CC4BAE0A5136}" = CCC Help Turkish
"{3FF5FF03-DB97-2ACE-BAE7-61D6D4A39F9B}" = Catalyst Control Center Graphics Full Existing
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4CEE0E9F-2116-BE92-CD54-8D1834935B54}" = Catalyst Control Center Localization All
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5DD59391-FED6-576D-B6BD-71111EF96522}" = CCC Help Russian
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6168260A-6D56-50BB-193C-BF6F471394AA}" = CCC Help Greek
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6A150790-FC79-D323-92D4-E773E3A03789}" = CCC Help Portuguese
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6CB88B54-4C1C-E6AB-49C6-476DE56327BC}" = CCC Help Spanish
"{6DE880FE-F0C9-BC57-B7C5-2ABEAE1E501E}" = CCC Help German
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{79660B73-3DD0-9C3D-3F29-0E266F3AE5EA}" = CCC Help Norwegian
"{81E5E076-F2C1-AE09-A360-0CAC2967FD5F}" = CCC Help Swedish
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{986CAA52-3249-B34F-DC64-07347926CF57}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E4FF410-471F-49E3-9358-74FF0D5E9901}" = Toshiba TEMPRO
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.de
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5B8BA5D-55CA-9351-984B-048FEF97A544}" = Catalyst Control Center Graphics Previews Vista
"{B6DECBD2-EC09-17C3-35AE-8C72B08062C9}" = CCC Help Czech
"{BF3AB290-563B-2F6F-9AF0-189B5CCF2C01}" = Catalyst Control Center Graphics Light
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C644BA4B-07D6-A67E-9EB4-157F6DEB68BE}" = CCC Help Chinese Traditional
"{D0831990-FF97-1F08-668D-4743CC32EFBC}" = CCC Help Finnish
"{D121161E-AD64-4438-97A0-66A1AB7FFDE3}" = Works Suite-Betriebssystem-Pack
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D9835CE0-E294-83FE-AF9F-BC113A0D2EA9}" = CCC Help Hungarian
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E25FA4E1-678F-414F-9777-1E3FDBBDA4D1}" = Catalyst Control Center InstallProxy
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D63B95-4B21-414A-A2C7-D6D6A6AC6D79}" = Catalyst Control Center - Branding
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}" = eBay
"{E8B28EF5-2A73-03A7-4F02-2DFF1D182940}" = Catalyst Control Center Graphics Full New
"{E94F833D-6435-40A2-112C-4BC18100B91D}" = CCC Help Italian
"{ED5EDCD0-5745-4B13-8061-58C9833FD06D}" = Microsoft Works 6.0
"{EEA02668-D5D9-AEFF-6FFB-1EB5BC765A52}" = CCC Help French
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2260E94-80F2-4CB1-B6B1-6043D9BFFA47}" = Works-Synchronisierung
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FCD674E3-F281-46D6-7717-6EAFDD16D8FC}" = CCC Help Dutch
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Toshiba Photo Service - powered by myphotobook
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ICQToolbar" = ICQ Toolbar
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MM Eisenbahn-Bildschirmschoner V3" = MM Eisenbahn-Bildschirmschoner V3
"Mozilla Thunderbird (3.0.6)" = Mozilla Thunderbird (3.0.6)
"MSC" = McAfee SecurityCenter
"WildTangent toshiba Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
"Works2002Setup" = Microsoft Works 2002-Setup-Start
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 22.08.2010 17:13:22 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 03:21:23 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 05:15:01 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 06:19:07 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 08:02:31 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 09:04:13 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 10:45:17 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 12:23:29 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 23.08.2010 13:30:12 | Computer Name = ***-TOSH | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 27.08.2010 08:46:27 | Computer Name = ***-TOSH | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
[ System Events ]
Error - 12.07.2010 16:25:18 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 12.07.2010 16:41:44 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 04:07:55 | Computer Name = ***-TOSH | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 13.07.2010 04:07:55 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 05:29:36 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 05:57:42 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 08:12:34 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 12:54:03 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 13:55:57 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 13.07.2010 17:22:13 | Computer Name = ***-TOSH | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >
         


Alt 05.09.2010, 18:35   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Sieht alles unauffällig aus.
Noch Probleme oder weitere Funde in der Zwischenzeit?
__________________
--> Ist das Malware oder ähnliches?

Alt 05.09.2010, 18:50   #7
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Nein, bislang sonst alles normal seitdem.

Aber Danke, dass Du Dir die files angesehen hast^^.

Alt 16.09.2010, 13:10   #8
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Hallo nochmal,

ich habe jetzt nochmal mit dem Programm Superantimalware getestet und der hat 94 Funde gehabt .
Komischerweise hat er während er die "Registrierungselemente" durchsucht hat 2 Funde gehabt, die er aber bei Datenelemente gelistet hat, obwohl da noch nichts gescannt war.
Komisch auch, dass da Websites sind, wo ich ewig nicht war und eigentlich hatte ich cookies gelöscht vor etwa zwei Wochen. Viele der Seiten kenn ich eh nicht wirklich (Werbung?).

Hier das logfile:

Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 09/16/2010 at 01:53 PM

Application Version : 4.43.1000

Core Rules Database Version : 5516
Trace Rules Database Version: 3328

Scan type       : Complete Scan
Total Scan Time : 00:30:13

Memory items scanned      : 804
Memory threats detected   : 0
Registry items scanned    : 14062
Registry threats detected : 0
File items scanned        : 29081
File threats detected     : 94

Adware.Tracking Cookie
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\***@statse.webtrendslive[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\***@atdmt[2].txt
	C:\Users\***\AppData\Local\Temp\Low\Cookies\***@ads.glispa[2].txt
	C:\Users\***\AppData\Local\Temp\Low\Cookies\***@adtech[1].txt
	C:\Users\***\AppData\Local\Temp\Low\Cookies\***@atdmt[1].txt
	a.banner.t-online.de [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	acvs.mediaonenetwork.net [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	akamai.smartadserver.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	banners.securedataimages.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	bc.youporn.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	broadcast.piximedia.fr [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	cdn.eyewonder.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	cdn1.eyewonder.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	cdn5.specificclick.net [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	ch.mediaplanet.streamingbolaget.se [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	ds.serving-sys.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	ia.media-imdb.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	ictv-bd-ec.indieclicktv.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	ictv-ic-ec.indieclicktv.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	imagesrv.adition.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	indieclick.3janecdn.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	media.mtvnservices.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	s0.2mdn.net [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	secure-it.imrworldwide.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	secure-us.imrworldwide.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	static.plymedia.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	www.adservercentral.info [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	www.pornotube.com [ C:\Users\***\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\YJ3K5NT7 ]
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@zedo[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@content.yieldmanager[3].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ice.112.2o7[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@track.adform[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@doubleclick[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@bs.serving-sys[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adx.chip[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ads.quartermedia[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad2.adfarm1.adition[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad4.adfarm1.adition[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@mediaplex[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@go.dynamic-tracking[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ero-advertising[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ww251.smartadserver[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@invitemedia[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@himedia.individuad[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@tracking.quisma[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@kaspersky.122.2o7[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@traffictrack[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@webmasterplan[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad.yieldmanager[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@unitymedia[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@fl01.ct2.comclick[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@zanox[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adserver.adtechus[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad.ad-srv[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@sevenoneintermedia.112.2o7[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@smartadserver[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@tribalfusion[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad.adnet[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@zanox-affiliate[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adfarm1.adition[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adserver.trojaner-info[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@www.active-tracking[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ads.s-i-r[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@atwola[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@guj.122.2o7[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad.adc-serv[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@serving-sys[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@atdmt[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@cdn.at.atwola[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@im.banner.t-online[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@www.etracker[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adtech[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad.zanox[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@www.usenext[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ads.youporn[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@revsci[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@ad3.adfarm1.adition[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adviva[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@advertising[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@youporn[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adbrite[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@at.atwola[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@specificclick[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@adultfriendfinder[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@apmebf[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@chipxonioonlinegmbh.112.2o7[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@collective-media[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@content.yieldmanager[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@imrworldwide[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@kontera[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@media6degrees[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@questionmarket[2].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@tacoda[1].txt
	C:\Users\***\AppData\Roaming\Microsoft\Windows\Cookies\Low\***@tradedoubler[1].txt
         
Was soll ich jetzt machen? Das Programm hat das dann wohl in Quarantäne gesteckt. Ist mein Computer doch irgendwie verseucht?

Alt 16.09.2010, 13:51   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Zitat:
und der hat 94 Funde gehabt
Das sind nur Cookies die gefunden wurden!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.11.2010, 19:14   #10
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Hallo,

nun wieder etwas Neues auf dem anderen Rechner:

Seit eben bekomme ich beim surfen oft folgende Meldung in einer roten Leiste über dem Hauptfeld des IE:

Diese Webseite wurde als unsichere Webseite gemeldet.

C:\Program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_......dll

(Buchstaben und Zahlen statt...).

Darunter steht, von dieser Seite ginge Bedrohung aus, es gäbe Links zu Malware.
Ja, aber das ist doch auf meinem Rechner???

Außerdem sind die gespeicherten Suchbegriffe in der Toolbar scheinbar weg und da kam auch gleich eine Fehlermeldung in dieser Richtung.

Alt 04.11.2010, 19:27   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



1. mit dem IE würde ich nicht surfen
2. wird Dir ein Pfad und keine URL genannt, der Pfad ist der Programmpfad zur Google-Toolbar
3. wo ist da jetzt ein Problem??
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.11.2010, 20:15   #12
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Naja, das war halt bisher nicht so und ich frag mich, was das soll. Das mit der "Webseite" steht dort - der angegebene Pfad sei einen gefährliche Webseite.

Ich frag mich halt, ob das nun irgendein Hinweis auf Probleme ist. Ich "suche" wohl immernoch irgendwie nach Malware/Hackern/usw. auf meinen Rechnern.

Habe auch gerade nochmal Malwarebytes durchgeführt, kein Ergebnis, nur ist er kurz zwischendurch hängengeblieben und es öffnete sich ein zweites Fenster in der Taskleiste, dann war es wieder weg.
(Ich könnte noch andere Seltsamkeiten berichten, aber will hier auch nicht zu viel Kleinkram schreiben, in meinem anderen Thread hatte ich auch den Eindruch, dass ich langsam nerve... oder hattest Du die letzte Frage nur übersehen?).

Alt 04.11.2010, 21:28   #13
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Also, google-Toolbar geht wieder wie vorher, aber ich hab keine Ahnung, was das nun alles zu bedeuten hat.
Mein Virenscanner hab ich auch noch einen Vollscan machen lassen, hat nichts gefunden.

Alt 04.11.2010, 21:30   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Welches Tool hat Dir eigentlich die Google-Toolbar gemeldet?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 04.11.2010, 21:43   #15
habefrage
 
Ist das Malware oder ähnliches? - Standard

Ist das Malware oder ähnliches?



Das weiß ich leider nicht, erst dachte ich, es wäre McAfee, aber scheinbar war es doch was von Microsoft, weil ich mein da war ein Link zu einer Microsoft-Page, sicher bin ich mir leider nicht. Da stand leider nichts eindeutiges.

Antwort

Themen zu Ist das Malware oder ähnliches?
0x00000001, 64-bit, autorun, bho, c:\windows\system32\rundll32.exe, components, druck, error, excel, fehler, firefox, flash player, format, helper, home, home premium, iastor.sys, install.exe, location, logfile, malware, media test failure, microsoft office word, mozilla, mozilla thunderbird, oldtimer, otl logfile, performance, phishing, plug-in, programdata, realtek, registry, richtlinie, rundll, safer networking, saver, security, senden, shell32.dll, shortcut, siteadvisor, starten., syswow64, trojaner, usb 2.0, viren, webcheck, windows, wlan



Ähnliche Themen: Ist das Malware oder ähnliches?


  1. Adware oder ähnliches
    Alles rund um Windows - 17.02.2015 (1)
  2. Unsicher ob GVU-Trojaner (oder ähnliches) noch auf dem Rechner ist oder ob dieser entfernt wurde.
    Mülltonne - 29.01.2015 (0)
  3. Ein Trojaner oder ähnliches
    Plagegeister aller Art und deren Bekämpfung - 25.12.2014 (7)
  4. GVU oder ähnliches --- Befall
    Plagegeister aller Art und deren Bekämpfung - 06.08.2013 (15)
  5. Polizeivirus oder ähnliches?
    Log-Analyse und Auswertung - 13.03.2013 (17)
  6. Fehlermeldung oder ähnliches
    Alles rund um Windows - 24.02.2013 (6)
  7. Verdacht auf Malware/Trojaner/Keylogger oder ähnliches
    Log-Analyse und Auswertung - 14.06.2012 (3)
  8. Trojaner oder so was ähnliches?
    Plagegeister aller Art und deren Bekämpfung - 21.10.2010 (3)
  9. Irgendwo viren oder ähnliches
    Log-Analyse und Auswertung - 02.08.2009 (0)
  10. Keylogger oder Ähnliches
    Plagegeister aller Art und deren Bekämpfung - 09.07.2009 (2)
  11. Zonealarm oder was ähnliches?
    Antiviren-, Firewall- und andere Schutzprogramme - 24.01.2009 (11)
  12. Malware oder ähnliches gefangen?
    Log-Analyse und Auswertung - 15.10.2008 (1)
  13. Hilfe hab 3 Viren oder ähnliches
    Log-Analyse und Auswertung - 24.02.2008 (12)
  14. hab ich ein virus oder ähnliches ?
    Plagegeister aller Art und deren Bekämpfung - 06.08.2006 (6)
  15. Hilfe! spyfalcon oder ähnliches
    Plagegeister aller Art und deren Bekämpfung - 12.05.2006 (2)
  16. Trojaner oder ähnliches Ungeziefer
    Plagegeister aller Art und deren Bekämpfung - 28.03.2006 (14)
  17. CWS oder ähnliches?
    Log-Analyse und Auswertung - 14.12.2005 (2)

Zum Thema Ist das Malware oder ähnliches? - Guten Abend, mein Laptop hat in den letzten Tagen ein paar seltsame Dinge gemacht - gestern und heute war zwei Mal plötzlich nach Wiedereinschalten der McAfee deaktiviert, gestern hatte ich - Ist das Malware oder ähnliches?...
Archiv
Du betrachtest: Ist das Malware oder ähnliches? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.