| |
| |||||||
Log-Analyse und Auswertung: Wieder TR/Kazy.mekml.1Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
22.04.2011, 21:10
| #1 |
| |  Wieder TR/Kazy.mekml.1 Lieber markusg, Moin allerseits, ich als jemand ohne sämtliche Ahnung hat sich auch den besagten Trojaner eingefangen. Alle Symptome wie bei den anderen. Die OTL und Extras Log Files wie folgt. Könnte auch mir geholfen werden? Besten dank im Voraus!!! |
|
25.04.2011, 14:47
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Wieder TR/Kazy.mekml.1Zitat:
 Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!
__________________ |
|
25.04.2011, 17:16
| #3 |
| | Wieder TR/Kazy.mekml.1 Ich hab die folgenden Logfiles mit OTL erstellt. Da diese keine realen Namen enthalten dürfen, habe ich meinen Namen durch "Vornamen Nachnamen" ersetzt; anders wusste ich mir nicht zu helfen.
__________________ |
|
25.04.2011, 17:17
| #4 |
| | Wieder TR/Kazy.mekml.1 OTL Logfile: Code:
ATTFilter OTL logfile created on: 22.04.2011 21:47:40 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Vorname Nachname Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19048) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 70,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 74,52 Gb Total Space | 27,47 Gb Free Space | 36,86% Space Free | Partition Type: NTFS Drive E: | 73,06 Gb Total Space | 43,71 Gb Free Space | 59,83% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: ULTRABREMEN | User Name: Vorname Nachname | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Vorname Nachname\otl.exe (OldTimer Tools) PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Programme\Common Files\PPLiveNetwork\PPAP.exe (PPLive Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) PRC - C:\Programme\Synaptics\SynTP\SynToshiba.exe (Synaptics, Inc.) PRC - C:\Programme\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) PRC - C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) PRC - C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) PRC - C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION) PRC - C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA CORPORATION) PRC - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) PRC - C:\Programme\TOSHIBA\Utilities\KeNotify.exe () PRC - C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) PRC - C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\Vorname Nachname\otl.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (TOSHIBA Bluetooth Service) -- File not found SRV - (LiveUpdate Notice Ex) -- File not found SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe () SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (TosCoSrv) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (CFSvcs) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.) SRV - (TODDSrv) -- C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) ========== Driver Services (SafeList) ========== DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (TVALZ) -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS (TOSHIBA Corporation) DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) DRV - (tos_sps32) -- C:\Windows\system32\DRIVERS\tos_sps32.sys (TOSHIBA Corporation) DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation) DRV - (CplIR) -- C:\Windows\system32\DRIVERS\CplIR.SYS (COMPAL ELECTRONIC INC.) DRV - (tifm21) -- C:\Windows\System32\drivers\tifm21.sys (Texas Instruments) DRV - (KR10N) -- C:\Windows\system32\drivers\kr10n.sys (TOSHIBA CORPORATION) DRV - (KR10I) -- C:\Windows\system32\drivers\kr10i.sys (TOSHIBA CORPORATION) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (tosrfec) -- C:\Windows\System32\drivers\tosrfec.sys (TOSHIBA Corporation) DRV - (tdcmdpst) -- C:\Windows\System32\drivers\tdcmdpst.sys (TOSHIBA Corporation.) DRV - (LPCFilter) -- C:\Windows\system32\DRIVERS\LPCFilter.sys (COMPAL ELECTRONIC INC.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3524301913-231062402-724334447-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-3524301913-231062402-724334447-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.facebook.com/?ref=logo IE - HKU\S-1-5-21-3524301913-231062402-724334447-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3524301913-231062402-724334447-1000\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-21-3524301913-231062402-724334447-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKU\S-1-5-21-3524301913-231062402-724334447-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2 FF - prefs.js..extensions.enabledItems: 5 FF - prefs.js..extensions.enabledItems: 3 FF - prefs.js..extensions.enabledItems: 1 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.03.06 17:48:35 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.19 14:34:08 | 000,000,000 | -H-D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.02.19 00:19:53 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.02.19 00:19:53 | 000,000,000 | ---D | M] [2008.11.27 21:18:07 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Vorname Nachname\AppData\Roaming\mozilla\Extensions [2011.02.10 04:34:35 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Vorname Nachname\AppData\Roaming\mozilla\Firefox\Profiles\eh4q3mmi.default\extensions [2009.08.04 19:46:05 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Vorname Nachname\AppData\Roaming\mozilla\Firefox\Profiles\eh4q3mmi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.06.19 21:54:04 | 000,000,000 | -H-D | M] (Google Toolbar for Firefox) -- C:\Users\Vorname Nachname\AppData\Roaming\mozilla\Firefox\Profiles\eh4q3mmi.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.10.26 23:16:04 | 000,000,000 | -H-D | M] ("ICQ Toolbar") -- C:\Users\Vorname Nachname\AppData\Roaming\mozilla\Firefox\Profiles\eh4q3mmi.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011.02.10 04:34:35 | 000,000,000 | -H-D | M] (Facemoods) -- C:\Users\Vorname Nachname\AppData\Roaming\mozilla\Firefox\Profiles\eh4q3mmi.default\extensions\ffxtlbr@Facemoods.com [2011.01.09 01:14:45 | 000,000,000 | -H-D | M] (TVU Web Player) -- C:\Users\Vorname Nachname\AppData\Roaming\mozilla\Firefox\Profiles\eh4q3mmi.default\extensions\firefox@tvunetworks.com [2010.06.21 16:35:24 | 000,001,042 | -H-- | M] () -- C:\Users\Vorname Nachname\AppData\Roaming\Mozilla\Firefox\Profiles\eh4q3mmi.default\searchplugins\icqplugin.xml [2011.03.18 23:23:25 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2007.11.01 19:21:45 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2010.05.11 21:27:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.09.28 22:35:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.31 06:26:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2011.01.28 17:16:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.03.18 23:23:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2010.03.06 17:48:35 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX [2008.12.06 04:22:40 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [2009.09.02 20:01:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2010.01.10 14:00:51 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010.04.04 00:04:24 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [2010.05.11 21:27:52 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.09.28 22:35:44 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.31 06:26:05 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010.12.19 14:34:08 | 000,000,000 | -H-D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2009.06.02 21:16:08 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2009.06.02 21:16:08 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.12.13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchddr.xml [2009.06.02 21:16:08 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2009.06.02 21:16:08 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2009.06.02 21:16:08 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.04.21 19:24:08 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - File not found O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com) O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) O3 - HKU\S-1-5-21-3524301913-231062402-724334447-1000\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH) O3 - HKU\S-1-5-21-3524301913-231062402-724334447-1000\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [HSON] C:\Programme\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] File not found O4 - HKLM..\Run: [KeNotify] C:\Programme\TOSHIBA\Utilities\KeNotify.exe () O4 - HKLM..\Run: [NDSTray.exe] File not found O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe () O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA) O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\.DEFAULT..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-18..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-3524301913-231062402-724334447-1000..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.) O4 - HKU\S-1-5-21-3524301913-231062402-724334447-1000..\Run: [PPAP] C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe (PPLive Corporation) O4 - HKU\S-1-5-21-3524301913-231062402-724334447-1000..\Run: [uvEWQXCeAJwf] File not found O4 - Startup: C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Programme\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - File not found O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-3524301913-231062402-724334447-1000\..Trusted Domains: elsteronline.de ([www] https in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-3524301913-231062402-724334447-1000\..Trusted Domains: olb.de ([www] http in Vertrauenswürdige Sites) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {271A3CF5-5A54-447B-A08F-BE805F0DA60B} https://www.olb.de/olb_fb3_1818/plugin/AXFOAM.CAB (DataDesign DDBAC Plug-In) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1223246825 (Image Uploader Control) O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} hxxp://static.ak.studivz.net/photouploader/ImageUploader4.cab?nocache=20071219-1 (Image Uploader Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} hxxp://static.pe.studivz.net/photouploader/ImageUploader5.cab?nocache=1206874517 (Image Uploader Control) O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0) O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldde-de.cab (Windows Live Hotmail Photo Upload Tool) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found O24 - Desktop WallPaper: C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Vorname Nachname\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - File not found NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG) MsConfig - StartUpReg: BufferZone - hkey= - key= - File not found MsConfig - StartUpReg: ccApp - hkey= - key= - File not found MsConfig - StartUpReg: DAEMON Tools - hkey= - key= - C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.) MsConfig - StartUpReg: Desktop SMS - hkey= - key= - C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media) MsConfig - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) MsConfig - StartUpReg: HotKeysCmds - hkey= - key= - File not found MsConfig - StartUpReg: HWSetup - hkey= - key= - File not found MsConfig - StartUpReg: iswum - hkey= - key= - File not found MsConfig - StartUpReg: mobiswing - hkey= - key= - C:\Programme\Secured eMule\secp.exe () MsConfig - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) MsConfig - StartUpReg: Persistence - hkey= - key= - File not found MsConfig - StartUpReg: swg - hkey= - key= - C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.) MsConfig - StartUpReg: Symantec PIF AlertEng - hkey= - key= - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation) MsConfig - StartUpReg: TkBellExe - hkey= - key= - File not found MsConfig - StartUpReg: topi - hkey= - key= - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA) MsConfig - StartUpReg: TOSCDSPD - hkey= - key= - File not found MsConfig - StartUpReg: Toshiba Registration - hkey= - key= - C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba) MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Users\Vorname Nachname\Winamp\winampa.exe () MsConfig - State: "startup" - 2 SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfPf - Driver SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.dvacm - C:\Programme\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.) Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.) Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.04.21 19:23:18 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\Vorname Nachname\OTL.exe [2011.04.21 19:06:58 | 000,000,000 | -H-D | C] -- C:\_OTL [2011.04.21 18:20:26 | 000,580,608 | -H-- | C] (OldTimer Tools) -- C:\Users\Vorname Nachname\Desktop\OTL.exe [2011.04.17 17:11:07 | 000,000,000 | -H-D | C] -- C:\Users\Vorname Nachname\Desktop\PackFM û I Fucking Hate Rappers (2010) [2011.04.14 07:30:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.04.13 21:51:26 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2011.04.13 21:51:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2011.04.13 21:51:20 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2011.04.13 21:51:20 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2011.04.13 21:51:19 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2011.04.13 21:51:19 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2011.04.13 21:51:19 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2011.04.13 21:51:19 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2011.04.13 21:51:17 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2011.04.13 21:51:17 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2011.04.13 21:51:17 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2011.04.13 21:51:17 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2011.04.13 21:51:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2011.04.13 21:51:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2011.04.13 21:51:17 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2011.04.13 21:51:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2011.04.13 21:51:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2011.04.13 21:51:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2011.04.13 21:51:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2011.04.13 21:51:13 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2011.04.13 21:51:12 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2011.04.13 21:51:07 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe [2011.04.13 21:51:04 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2011.04.13 21:50:59 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2011.04.13 21:50:59 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll ========== Files - Modified Within 30 Days ========== [2011.04.22 21:50:31 | 000,000,408 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D6630931-2328-4D1E-B35F-D339EC6170AF}.job [2011.04.22 21:07:31 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.22 21:07:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.22 21:07:29 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.22 21:07:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.22 21:07:16 | 2145,837,056 | -HS- | M] () -- C:\hiberfil.sys [2011.04.22 20:58:15 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.21 19:24:08 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts [2011.04.21 19:23:21 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\Vorname Nachname\OTL.exe [2011.04.21 19:22:26 | 000,580,608 | -H-- | M] (OldTimer Tools) -- C:\Users\Vorname Nachname\Desktop\OTL.exe [2011.04.21 16:51:13 | 000,598,900 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.21 16:51:12 | 000,632,252 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.21 16:51:12 | 000,127,270 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.21 16:51:12 | 000,104,914 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.20 15:20:24 | 000,000,486 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Vorname Nachname.job [2011.04.15 21:58:57 | 000,370,611 | -H-- | M] () -- C:\Users\Vorname Nachname\Desktop\Real Hip Hop.m3u [2011.04.14 18:43:30 | 000,398,280 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2010.11.03 05:43:59 | 000,000,680 | -H-- | C] () -- C:\Users\Vorname Nachname\AppData\Local\d3d9caps.dat [2009.09.11 05:10:55 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009.09.11 05:10:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009.06.25 18:00:11 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009.01.09 22:18:00 | 000,000,952 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys [2008.10.27 02:23:47 | 002,808,832 | ---- | C] () -- C:\Programme\Common FilesDDBACSetup.msi [2008.09.17 19:43:12 | 000,148,416 | ---- | C] () -- C:\ProgramData\firstlsp.reg.dat [2008.09.11 20:30:43 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2008.09.09 15:49:20 | 000,235,539 | -H-- | C] () -- C:\Users\Vorname Nachname\AppData\Local\iswum_nav.dat [2008.09.09 15:49:20 | 000,007,168 | -H-- | C] () -- C:\Users\Vorname Nachname\AppData\Local\iswum.dat [2008.09.09 15:49:20 | 000,001,426 | -H-- | C] () -- C:\Users\Vorname Nachname\AppData\Local\iswum_navps.dat [2008.08.24 17:06:58 | 000,000,096 | -H-- | C] () -- C:\Users\Vorname Nachname\AppData\Local\cnboau.bat [2008.08.19 21:16:40 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008.01.20 20:11:18 | 000,000,067 | ---- | C] () -- C:\Windows\cdplayer.ini [2008.01.05 21:38:25 | 000,000,016 | -H-- | C] () -- C:\Users\Vorname Nachname\AppData\Roaming\mxfilerelatedcache.mxc2 [2008.01.05 21:38:25 | 000,000,016 | -H-- | C] () -- C:\Users\Vorname Nachname\AppData\Local\mxfilerelatedcache.mxc2 [2007.12.06 01:28:13 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2007.11.18 21:59:47 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI [2007.11.07 21:12:00 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll [2007.11.05 23:07:43 | 000,000,182 | ---- | C] () -- C:\Windows\wininit.ini [2007.11.03 17:45:42 | 000,055,808 | -H-- | C] () -- C:\Users\Vorname Nachname\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007.11.01 19:23:16 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2007.11.01 19:20:45 | 000,003,425 | ---- | C] () -- C:\Windows\mozver.dat [2007.07.12 21:33:09 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ3.dat [2007.07.12 21:33:09 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ2.dat [2007.07.12 21:33:09 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat [2007.07.12 21:33:09 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat [2007.07.12 10:54:33 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat [2007.07.12 10:54:33 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll [2007.07.12 10:54:32 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2007.07.12 10:45:09 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2007.07.12 10:45:09 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2007.07.12 10:45:09 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2007.07.12 10:45:09 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2007.07.12 10:45:09 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2007.07.12 10:26:24 | 000,036,864 | ---- | C] () -- C:\Windows\System32\HWS_Ctrl.dll [2007.04.16 08:35:21 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini [2007.04.16 08:02:55 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2007.04.16 07:26:26 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini [2007.04.16 07:26:26 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2007.04.16 07:26:26 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2007.04.16 07:26:26 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2007.04.16 07:23:35 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll [2007.04.16 06:38:28 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll [2006.12.05 13:05:06 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2006.11.02 17:33:31 | 000,632,252 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2006.11.02 17:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2006.11.02 17:33:31 | 000,127,270 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2006.11.02 17:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006.11.02 14:47:37 | 000,398,280 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006.11.02 12:33:01 | 000,598,900 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006.11.02 12:33:01 | 000,104,914 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2005.11.23 14:55:42 | 000,024,576 | ---- | C] () -- C:\Windows\System32\SPCtl.dll [2005.07.22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll ========== LOP Check ========== [2008.07.11 21:40:26 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\.BitTornado [2008.07.11 21:38:05 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Azureus [2007.10.29 17:26:18 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\DataDesign [2007.10.29 20:09:31 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\DesktopSMS [2011.02.06 20:52:10 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\elsterformular [2007.10.28 18:50:55 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\eMule [2011.04.21 19:33:53 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\ICQ [2007.10.28 16:21:24 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\ICQ Toolbar [2010.11.07 18:48:56 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\PPlive [2010.12.06 00:20:18 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Sony [2008.01.05 21:12:36 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Toshiba [2011.04.22 21:06:06 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.04.22 21:50:31 | 000,000,408 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D6630931-2328-4D1E-B35F-D339EC6170AF}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2008.07.11 21:40:26 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\.BitTornado [2008.05.12 17:07:06 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Adobe [2007.10.28 17:46:13 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\AdobeUM [2007.12.09 20:33:24 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Ahead [2011.02.26 15:33:59 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Apple Computer [2007.10.27 19:50:46 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\ATI [2008.07.11 21:38:05 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Azureus [2007.10.29 17:26:18 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\DataDesign [2007.10.29 20:09:31 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\DesktopSMS [2009.01.08 05:06:40 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\DivX [2011.02.06 20:52:10 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\elsterformular [2007.10.28 18:50:55 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\eMule [2007.10.28 23:19:42 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Google [2011.04.21 19:33:53 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\ICQ [2007.10.28 16:21:24 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\ICQ Toolbar [2007.10.27 19:49:49 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Identities [2007.10.28 16:18:26 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Macromedia [2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Media Center Programs [2010.08.17 16:57:38 | 000,000,000 | --SD | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Microsoft [2008.11.27 21:18:07 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Mozilla [2007.12.18 20:29:23 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Nero [2010.11.07 18:48:56 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\PPlive [2010.12.19 14:38:40 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Real [2007.11.08 21:15:35 | 000,000,000 | RH-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\SecuROM [2010.12.06 00:20:18 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Sony [2008.01.05 21:12:36 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Toshiba [2009.10.18 16:16:00 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\Winamp [2007.10.29 21:58:33 | 000,000,000 | -H-D | M] -- C:\Users\Vorname Nachname\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2010.11.28 17:46:51 | 003,733,432 | -H-- | M] () -- C:\Users\Vorname Nachname\AppData\Roaming\PPlive\PPLite\Update\PPLite_Update.exe [2010.03.01 08:45:23 | 000,439,816 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\Vorname Nachname\AppData\Roaming\Real\Update\setup3.09\setup.exe [2010.03.14 11:45:48 | 000,443,912 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\Vorname Nachname\AppData\Roaming\Real\Update\setup3.10\setup.exe [2010.05.30 23:14:38 | 000,443,912 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\Vorname Nachname\AppData\Roaming\Real\Update\setup3.11\setup.exe [2010.12.15 20:01:16 | 000,510,120 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\Vorname Nachname\AppData\Roaming\Real\Update\setup3.13\setup.exe [2010.12.02 15:29:50 | 000,092,328 | -H-- | M] (RealNetworks, Inc.) -- C:\Users\Vorname Nachname\AppData\Roaming\Real\Update\setup3.13\ui_data\vista.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys [2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys [2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys [2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys [2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys [2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys [2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2008.02.13 19:40:24 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys [2008.02.13 19:40:24 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys [2008.02.13 19:40:23 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2007.11.17 16:50:42 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe [2007.11.17 16:50:41 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2006.11.02 11:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe [2008.01.19 09:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTOR.SYS > [2007.02.12 14:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Programme\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys [2007.02.12 14:37:22 | 000,537,368 | -H-- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Toshiba\Drivers\Robson\Winall\Driver64\IaStor.sys [2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Programme\Intel\Intel Matrix Storage Manager\driver\iaStor.sys [2007.02.12 14:36:54 | 000,277,784 | -H-- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Toshiba\Drivers\Robson\Winall\Driver\iaStor.sys [2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys [2007.02.12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys < MD5 for: IASTORV.SYS > [2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys [2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys [2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: KR10N.SYS > [2007.01.18 16:47:18 | 000,211,072 | -H-- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10i\KR10N.sys [2007.01.18 16:47:18 | 000,211,072 | -H-- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10n\KR10N.sys [2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\drivers\KR10N.sys [2007.01.18 16:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\DriverStore\FileRepository\kr10.inf_95888b8d\KR10N.sys < MD5 for: NETLOGON.DLL > [2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll [2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll [2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys [2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys [2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: SCECLI.DLL > [2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll [2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll < MD5 for: USER32.DLL > [2007.07.12 20:54:41 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll [2007.07.12 20:54:42 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll [2008.01.19 09:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2006.11.02 11:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe [2008.01.19 09:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2006.11.02 11:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe < MD5 for: WINLOGON.EXE > [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe [2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe [2006.11.02 11:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe [2008.01.19 09:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2006.11.02 10:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys [2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys [2008.01.19 07:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2007.11.07 21:15:26 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys < %systemroot%\System32\config\*.sav > [2007.04.13 12:11:59 | 006,664,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2007.04.13 12:11:57 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2007.04.13 12:11:59 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2007.04.13 12:12:07 | 015,720,448 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2007.04.13 12:12:08 | 006,008,832 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.03.08 13:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll [2009.03.08 13:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll [2011.02.17 08:23:50 | 000,420,864 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll < End of report > |
|
25.04.2011, 17:17
| #5 |
| | Wieder TR/Kazy.mekml.1 OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 22.04.2011 21:47:40 - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Vorname Nachname
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 50,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 70,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 27,47 Gb Free Space | 36,86% Space Free | Partition Type: NTFS
Drive E: | 73,06 Gb Total Space | 43,71 Gb Free Space | 59,83% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: ULTRABREMEN | User Name: Vorname Nachname | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] --
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Users\Vorname Nachname\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Users\Vorname Nachname\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Users\Vorname Nachname\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05A4B3B5-7DC9-42F1-A2C3-D1AC249867F0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{158C7FF2-D691-47BB-8BA3-4033CA889A3F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1CB559B9-BAEB-4AB4-BABE-5CBD7D01DFC1}" = lport=445 | protocol=6 | dir=in | app=system |
"{20D1A290-9360-4B83-8892-16C2B885B536}" = lport=2869 | protocol=6 | dir=in | app=system |
"{31C7CB7C-8648-460E-8D9E-F23549BA4551}" = rport=137 | protocol=17 | dir=out | app=system |
"{33D37C2C-0BA1-457C-9845-D9739DEF8A48}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3B93E511-97ED-475C-9FFC-0075C94B4E54}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3C66ECC1-AC13-4572-BAF4-F52B62565271}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{446CB6B8-C2CC-4247-9EA5-5CC7AECBE884}" = lport=137 | protocol=17 | dir=in | app=system |
"{493E308E-806D-4F2B-8256-97ECC7D0DF20}" = rport=445 | protocol=6 | dir=out | app=system |
"{4C82AB4D-3246-44A0-B894-FEBE0A564917}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4CCF1C5E-62AF-4788-A228-99FB1CC5F696}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{506585BF-DCF1-4AD6-AD22-31232A5BC84D}" = lport=139 | protocol=6 | dir=in | app=system |
"{70FB1BEC-A711-4208-83D0-F17981489510}" = rport=139 | protocol=6 | dir=out | app=system |
"{793B55CF-6EB4-4108-9E63-F93FA7A4159A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1A4E748-9D7D-480A-9BE1-1B52603653BE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BA4B8024-B77E-4C66-A27A-5B1B4A6BB63D}" = rport=138 | protocol=17 | dir=out | app=system |
"{BBABBDE9-2512-4E8D-B69A-095B0F3886C4}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{BDC48A39-EDA1-40D5-BD9F-F26F6A67049F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C6C2A9CB-DC50-450E-963A-AE438ECB85B2}" = lport=138 | protocol=17 | dir=in | app=system |
"{F6932EE8-94DA-4789-A6DA-6786622D1939}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{072B379A-F999-41FF-A92D-3EA2265AC867}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{092C95E3-9923-4FD7-96AA-5AEB8B77B210}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{0D63E167-4B32-4892-8776-2135E6C4B73D}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{129C3E2A-8B99-42C2-9304-6B6CE43598F9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{133922C3-7976-4A6B-B808-CF4FD3585977}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1B471D04-FF1F-4F2F-BCAD-2B5A0A59FB85}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{32B8E33E-6BBA-4382-B74D-96171F27028F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3E905B1C-260D-480B-83B4-6E348590118A}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{58BF4B6A-3BE5-4192-BD52-20996A9C9036}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{59D8CDFD-4041-46F4-9CB0-5B40EF7BABE1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6D20E5B3-362D-4E61-B06D-40C3DE59163D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{73A7AE58-1EFE-49A5-9FB8-9D725E2588EF}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{7B5C8289-F21B-45B0-BAF0-5A07A4014EFA}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{8355209D-9BA3-40A4-857F-A89EBB13FA36}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{86D1EA07-80A3-488C-89EB-5C896D0499BA}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{8D185EFE-D076-4AF1-AF6A-019AAAE740F4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{90EABE76-8F4F-43C9-A321-0B130AEC17EE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{95921B41-2C2B-408E-A44A-01C4EBA9BD19}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{97DCF962-21A7-4240-8474-6FA26B9A9E18}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{9DEEF9AE-7F56-4A25-9F0E-57774E776AF4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9FD8105F-CF80-4DD4-8833-85CD9D782DCF}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{A1B5BC4F-B4A0-4420-9783-3E24999D90F9}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{AC39B2C6-DE2F-4FEE-BDFE-FF4571BFDDBF}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{AF902280-9423-45DE-9B31-968A19769F96}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{B73D25C9-D1DF-4A26-AA92-6DB49E5BF636}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CEB12819-8E2C-4ECF-8854-F687F4A6A77B}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe |
"{D0616EC5-8044-4E41-B02C-F7800241716E}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe |
"{D20F6EB8-566B-4A32-BC1D-E11C00D39791}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{D81B76F8-DD6D-45CD-8324-9EC9213C9180}" = protocol=17 | dir=in | app=c:\program files\alice software\alicesetup.exe |
"{DC2B0368-96BA-4E98-B38B-A92E53D23D84}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{E3A9041F-B04F-4161-82AC-EB31BF97891B}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{F2F9F04C-F0E0-4309-8A49-655FDDF1B187}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F70D7DE2-539B-46CE-82A5-2CA324764647}" = protocol=6 | dir=in | app=c:\program files\alice software\alicesetup.exe |
"TCP Query User{5DE995EB-B19F-4ACF-BD83-AACB261876F1}C:\program files\soulseekns\slsk.exe" = protocol=6 | dir=in | app=c:\program files\soulseekns\slsk.exe |
"TCP Query User{69B94844-3434-495B-9B55-6CD45AF81234}C:\program files\common files\pplivenetwork\ppap.exe" = protocol=6 | dir=in | app=c:\program files\common files\pplivenetwork\ppap.exe |
"TCP Query User{931959DC-4DDB-4BD2-B77D-828C362DDDFB}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{9609097D-6A07-4B98-95A0-11808AAF46A3}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{A14BBD5F-03CD-472E-9768-59A3158ECEC1}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{A187F465-46CD-4FAA-8665-C1B2B798B9E4}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{A3A091BE-68E8-484B-8B8D-8405116E2E64}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{AD4104FD-17F1-44C3-8436-46B03F40E2C6}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{BA05DF39-2352-4F02-B806-50308C921746}C:\program files\icq6\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6\icq.exe |
"TCP Query User{E7D8044F-2652-4B36-BC86-478B1773CA20}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{1ABAD345-7663-4528-9E8C-5D86AEAE4B2E}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{30BEC10E-F451-423C-B054-AC9ACA1B57B6}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{48E7CB70-3F36-4ABD-AD75-B747E0C154C4}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{640575F6-279D-413A-9742-7396111DBAC1}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{7787206A-9F8B-4FA3-AEE5-F6866AC8860C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AA0630DE-298D-4273-B2D1-34C28B3A2632}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{AD97C1FA-54A5-46B6-BE3E-80313A6599A4}C:\program files\common files\pplivenetwork\ppap.exe" = protocol=17 | dir=in | app=c:\program files\common files\pplivenetwork\ppap.exe |
"UDP Query User{B923742D-5C80-4159-A786-A8020E0D2743}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{DE40CABF-AD61-43B5-98D4-E31ABA82C669}C:\program files\icq6\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6\icq.exe |
"UDP Query User{ECE39C98-E0EC-4D72-BACA-7F950F9BE696}C:\program files\soulseekns\slsk.exe" = protocol=17 | dir=in | app=c:\program files\soulseekns\slsk.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00004EE8-1E8B-BB10-6588-07DF0D120F6B}" = CCC Help Korean
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02E107FC-1861-FC4A-E80F-07DA9DC5808C}" = Catalyst Control Center Graphics Previews Vista
"{03C55715-3545-2DF8-8C64-2BB877955150}" = Catalyst Control Center Localization Chinese Traditional
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0755396F-D048-8CDD-6AC3-C7C83A6869B5}" = CCC Help Czech
"{08B7B1F9-A8EB-7632-FFC3-04AB5328143B}" = CCC Help Chinese Standard
"{09F52B2B-8B36-130C-5EBD-6E5FFC5FA0B7}" = CCC Help English
"{0E1C53DA-DF86-845A-7BEB-14C4A8E0B150}" = Catalyst Control Center Localization Korean
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15B924BC-AEB2-7E31-F414-1FC7B385846A}" = CCC Help Greek
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20CFE038-F4CE-0716-DCA0-04BBD67FE5EA}" = CCC Help Turkish
"{2126F5BB-AB90-083F-7AA8-A29D73819DAA}" = CCC Help French
"{22543949-70E8-45D0-A938-F38143EB8BF8}" = Catalyst Control Center - Branding
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{26E6EA50-532C-8CF3-5EB4-8C8D306EAB58}" = Catalyst Control Center Localization Polish
"{27CD3616-D3B0-834C-89A3-4FC5CEE7374D}" = Catalyst Control Center Graphics Full Existing
"{28912B61-0265-3C33-7EC7-14345AC76E3D}" = CCC Help Hungarian
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D06C1FE-8454-5663-D0E9-1C130FD96446}" = Catalyst Control Center Localization Norwegian
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{30F9E15A-EE25-6D32-62CE-2E6BEAED3766}" = CCC Help Italian
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{342A19C7-3335-C02F-F1DD-3A0B49C3D047}" = Catalyst Control Center Localization Greek
"{34EF4F67-A3CE-DAB6-FA06-7C4C59A0D462}" = Catalyst Control Center Localization Swedish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE22BE4-E2D3-F0E8-1C52-1B5A5F97B876}" = Catalyst Control Center Localization Turkish
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{400F4990-B111-109A-6B08-E80CB42651AA}" = Catalyst Control Center Localization Danish
"{4160DC5B-4C56-D0C3-C5FD-F5BDAD3C882B}" = ATI Catalyst Install Manager
"{44479884-EB6D-38DA-1D3E-835625E40F7E}" = Catalyst Control Center Graphics Previews Common
"{480CA9F1-17E2-0B15-9684-511C0A083F92}" = Catalyst Control Center Localization Thai
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F31172C-2692-BB28-8F5B-86474CEC5D33}" = Catalyst Control Center Localization Chinese Standard
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54AAFB71-6DCB-32EB-8F91-DA7643497ED4}" = Catalyst Control Center Localization Spanish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5980B928-1C95-4B3E-957B-B02D8147FF9E}" = Desktop SMS
"{5D1CB0EC-0CA2-B4FD-2A10-2503A3CF7E46}" = Catalyst Control Center Localization Italian
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5EFE618D-0100-6DE7-9894-5FD057103871}" = Catalyst Control Center Core Implementation
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{63D10FBD-5667-DAD9-0B31-CED873B3F7EF}" = Catalyst Control Center Graphics Light
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7936153F-8D09-BC11-6DC4-1D4DEAB9D680}" = CCC Help Thai
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{816B8A02-76F0-AE47-E28F-0AD114CC261E}" = CCC Help Polish
"{82AB4F83-BBBA-8F04-EE34-11F74E39A4B6}" = Catalyst Control Center Localization German
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86158699-F584-0DC9-119D-C5A6591090FB}" = CCC Help Chinese Traditional
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1031}" = Nero 8
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{920E3F1A-0B73-807D-EE0E-E6D89D4E5DDE}" = Catalyst Control Center Localization Dutch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9743AF47-B746-4324-B4C4-512E67D04370}" = Symantec Technical Support Web Controls
"{985AF15E-776F-3CDD-EB92-2DAFF02697FB}" = Skins
"{98CE747E-4948-10B0-BBF0-5981A11114D1}" = Catalyst Control Center Localization Hungarian
"{99F54171-AE4A-579B-1544-5870478FC8F7}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A1BAD23B-748C-50FD-CCA9-956C3F54D138}" = CCC Help German
"{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{ABD82299-8034-4B44-4FDB-3F8971C20575}" = CCC Help Finnish
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch
"{ACE07E37-A416-9A6B-D352-C776FFA49493}" = CCC Help Spanish
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2AEC44B-F926-773D-D028-77CADEF8D9D3}" = CCC Help Norwegian
"{B537ACDB-7C56-83B6-034C-A5AF6400F789}" = CCC Help Swedish
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8AB4511-EECC-9299-45B3-F25F4774F6F2}" = CCC Help Russian
"{BD75C1A0-F0ED-B54A-B49C-3244B47BA803}" = ccc-utility
"{C6317675-96CC-D2AE-40F2-698F3DED64B4}" = CCC Help Portuguese
"{C6AC04F5-5916-4A02-BC36-AF5BC0A3CBD4}" = Media Go
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7FAEA9E-A14C-D8C9-EEE9-8D43F9E09565}" = Catalyst Control Center Localization Czech
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CC35C434-FFC8-BDD8-44F0-ED0972484C56}" = CCC Help Dutch
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D646CA8B-5227-1598-5E9C-132B2D89A38D}" = Catalyst Control Center Localization Japanese
"{D8E19743-2311-4828-A408-66ECD553C8B1}" = DDBAC
"{D8E302CB-8517-3E9B-C6C9-E90A21C6EFC5}" = CCC Help Danish
"{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0BB634D-B374-A329-EE5D-22C279F92A7F}" = ccc-core-static
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1C1426C-6670-4068-6398-EB490D45979F}" = Catalyst Control Center Localization Portuguese
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8B5B814-A3BF-F83F-09ED-AED9EE88211A}" = Catalyst Control Center Localization French
"{F927176F-F8F0-FACF-A57E-4F95714B6F00}" = Catalyst Control Center Localization Russian
"{FA7BB878-FC13-7548-13D3-18A53381014D}" = CCC Help Japanese
"{FB56EE4D-7CBC-6FDC-E336-52BD269E4CF6}" = Catalyst Control Center Localization Finnish
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ElsterFormular für Privatanwender 12.0.0.5880p" = ElsterFormular für Privatanwender
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"facemoods" = facemoods
"Google Chrome" = Google Chrome
"ICQToolbar" = ICQ Toolbar
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{A6D4234C-CB02-4048-AC3E-AD09404FA35A}" = Emdedded IR Driver
"InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"iswum" = Favorit
"JDownloader" = JDownloader
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.0.14)" = Mozilla Firefox (3.0.14)
"myphotobook" = myphotobook 3.1
"NSS" = Norton Security Scan
"PPLite" = PPLite 1.0.0.0016
"RealPlayer 12.0" = RealPlayer
"Secured eMule" = Secured eMule
"SopCast" = SopCast 3.0.3
"Soulseek2" = SoulSeek 157 NS 13e
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Veetle TV" = Veetle TV 0.9.18
"WinAce Archiver" = WinAce Archiver
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3524301913-231062402-724334447-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 21.04.2011 12:22:45 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.04.2011 13:08:26 | Computer Name = UltraBremen | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung OTL.exe, Version 3.2.22.3, Zeitstempel 0x2a425e19,
fehlerhaftes Modul user32.dll, Version 6.0.6002.18005, Zeitstempel 0x49e0380e,
Ausnahmecode 0xc0000005, Fehleroffset 0x00019c5b, Prozess-ID 0xd7c, Anwendungsstartzeit
01cc004104967fb3.
Error - 21.04.2011 13:16:45 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 21.04.2011 13:32:45 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.04.2011 14:55:49 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.04.2011 14:55:52 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.04.2011 15:00:40 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.04.2011 15:07:59 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.04.2011 15:08:02 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 22.04.2011 15:08:55 | Computer Name = UltraBremen | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\real\realplayer\plugins\rmxrend.dll".
Die
abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ Media Center Events ]
Error - 13.06.2008 15:33:24 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 13.06.2008 15:33:25 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 20.06.2008 12:07:09 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 20.06.2008 12:07:32 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 12.07.2008 20:07:07 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 14.09.2008 12:24:44 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 14.09.2008 12:26:57 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 14.09.2008 12:27:18 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 26.11.2008 08:40:35 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
Error - 22.01.2009 18:07:02 | Computer Name = UltraBremen | Source = Media Center Guide | ID = 0
Description = Ereignisinformationen: ERROR: SqmApiWrapper.TimerRecord failed; Win32
GetLastError returned 10000105 Prozess: DefaultDomain Objektname: Media Center Guide
[ OSession Events ]
Error - 15.07.2010 16:45:27 | Computer Name = UltraBremen | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 344
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 22.04.2011 15:23:48 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:23:56 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:24:10 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:29:06 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:29:23 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:29:31 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:32:12 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:40:01 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:40:10 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
Error - 22.04.2011 15:48:05 | Computer Name = UltraBremen | Source = DCOM | ID = 10016
Description =
< End of report >
|
|
25.04.2011, 20:16
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Wieder TR/Kazy.mekml.1 Meine Antwort gepflegt überlesen oder ignoriert?
__________________ --> Wieder TR/Kazy.mekml.1 |
|
| Themen zu Wieder TR/Kazy.mekml.1 |
| ahnung, andere, beste, besten, extras, files, geholfen, lieber, log, log files, markusg, sämtliche, tr/kazy.mekml.1, troja, trojaner |
Linear-Darstellung
